Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92789 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Optimizer pro and iminent on my computer [Solved]

optimizer pro

  • This topic is locked This topic is locked
90 replies to this topic

#61 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,219 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 01 October 2014 - 11:14 AM

First do this

 

  • Please download rkill (Courtesy of Bleepingcomputer.com).
  • There are 5 different versions of this tool. If one of them will not run, please try the next one in the list.
  • Note: Vista and Windows 7 Users must right click and select "Run as Administrator" to run the tool.
  • Note: You only need to get one of the tools to run, not all of them.
  •  
     
     
    Note: You will likely see a message from this rogue telling you the file is infected. Ignore the message. Leave the message OPEN, do not close the message.
     
    Run rkill repeatedly until it's able to do it's job. This may take a few tries.
     
    You'll be able to tell rkill has done it's job when your desktop (explorer.exe) cycles off and then on again.
     
     
     
    Then run the fix with FRST
     
     
    Then open Malwarebytes , check for updates and run the Threat scan and hopefully this time I can see the report


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

      Advertisements

    Register to Remove


    #62 cstruck

    cstruck

      Authentic Member

    • Authentic Member
    • PipPip
    • 80 posts

    Posted 01 October 2014 - 11:35 AM

    Rkill found nothing.  ran it 3 times.

     

    Rkill 2.6.8 by Lawrence Abrams (Grinler)
    http://www.bleepingcomputer.com/
    Copyright 2008-2014 BleepingComputer.com
    More Information about Rkill can be found at this link:
    http://www.bleepingc...opic308364.html

    Program started at: 10/01/2014 12:34:03 PM in x86 mode.
    Windows Version: Windows 7 Home Premium Service Pack 1

    Checking for Windows services to stop:

    * No malware services found to stop.

    Checking for processes to terminate:

    * No malware processes found to kill.

    Checking Registry for malware related settings:

    * No issues found in the Registry.

    Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

    Performing miscellaneous checks:

    * Windows Defender Disabled

       [HKLM\SOFTWARE\Microsoft\Windows Defender]
       "DisableAntiSpyware" = dword:00000001

    * Windows Firewall Disabled

       [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
       "EnableFirewall" = dword:00000000

    * Reparse Point/Junctions Found (Most likely legitimate)!

         * C:\Windows\AppPatch\spbin => C:\PROGRA~1\SearchProtect\SearchProtect\bin [Dir]

    Checking Windows Service Integrity:

    * Windows Defender (WinDefend) is not Running.
       Startup Type set to: Manual

    Searching for Missing Digital Signatures:

    * No issues found.

    Checking HOSTS File:

    * HOSTS file entries found:

      127.0.0.1       localhost

    Program finished at: 10/01/2014 12:34:35 PM
    Execution time: 0 hours(s), 0 minute(s), and 32 seconds(s)



    #63 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 01 October 2014 - 12:15 PM

    RKill doesn't remove malware, if just stops it from running so we can run our tools, so proceed with the fix and then run Malwarebytes



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #64 cstruck

    cstruck

      Authentic Member

    • Authentic Member
    • PipPip
    • 80 posts

    Posted 01 October 2014 - 12:57 PM

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 27-09-2014
    Ran by CARL at 2014-10-01 13:47:56 Run:1
    Running from C:\Users\CARL\Desktop
    Loaded Profile: CARL (Available profiles: CARL & Liza)
    Boot Mode: Normal

    ==============================================

    Content of fixlist:
    *****************
    Start
    (MyOSCompany) C:\Program Files\Web Protect\MyOSProtect.exe
    HKLM\...\Run: [ConvertAd] => C:\Users\CARL\AppData\Local\ConvertAd\ConvertAd.exe
    C:\Users\CARL\AppData\Local\ConvertAd
    HKU\S-1-5-21-201924879-2192290182-1421096681-1000\...\Run: [Super Optimizer] => C:\Program Files\Super Optimizer\SupOptLauncher.exe [675696 2014-08-26] (SUPER PC TOOLS LIMITED)
    Toolbar: HKLM - No Name - {7e8cd3ea-a4d1-48f5-9fae-c8fe18e94ee6} -  No File
    Winsock: Catalog9 01 C:\Windows\system32\MyOSProtect.dll [304776] (MyOSCompany)
    Winsock: Catalog9 02 C:\Windows\system32\MyOSProtect.dll [304776] (MyOSCompany)
    Winsock: Catalog9 03 C:\Windows\system32\MyOSProtect.dll [304776] (MyOSCompany)
    Winsock: Catalog9 04 C:\Windows\system32\MyOSProtect.dll [304776] (MyOSCompany)
    Winsock: Catalog9 15 C:\Windows\system32\MyOSProtect.dll [304776] (MyOSCompany)
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    R3 MyOSProtect; C:\Program Files\Web Protect\MyOSProtect.exe [1317096 2014-09-01] (MyOSCompany) [File not signed]
    C:\Program Files\Web Protect
    2014-09-27 04:48 - 2014-09-27 04:48 - 00004184 _____ () C:\Windows\system32\MyOSProtect.ini
    R1 pcwatch; C:\Windows\system32\Drivers\pcwatch.sys [20480 2014-09-01] () [File not signed] <==== ATTENTION
    2014-09-25 22:21 - 2014-09-25 22:21 - 00000000 ____D () C:\Users\CARL\Documents\Super Optimizer
    2014-09-25 22:21 - 2014-09-25 22:21 - 00000000 ____D () C:\Users\CARL\AppData\Roaming\Super Optimizer
    2014-09-25 22:15 - 2014-09-25 22:15 - 00001044 _____ () C:\Users\CARL\Desktop\Super Optimizer.lnk
    2014-09-25 22:15 - 2014-09-25 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
    2014-09-25 22:15 - 2014-09-25 22:15 - 00000000 ____D () C:\Program Files\Super Optimizer
    2014-09-25 19:10 - 2014-09-25 19:11 - 00000000 ____D () C:\Users\Liza\AppData\Local\{6BF07967-B876-4E01-BE11-7AC7D60E2702}
    2014-09-23 17:03 - 2014-09-01 11:28 - 00304776 _____ (MyOSCompany) C:\Windows\system32\MyOSProtect.dll
    2014-09-23 17:01 - 2014-09-27 06:42 - 00000000 ____D () C:\Program Files\Web Protect
    Task: {9168A11B-320A-4B1E-B5F6-68057362C837} - System32\Tasks\Super Optimizer Schedule => C:\Program Files\Super Optimizer\SupOptLauncher.exe [2014-08-26] (SUPER PC TOOLS LIMITED)
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\pcwatch.sys => ""="Driver" <==== ATTENTION
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MyOSProtect => ""="service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\pcwatch.sys => ""="Driver" <==== AT
    Hosts:
    EmptyTemp:
    End
    *****************

    C:\Program Files\Web Protect\MyOSProtect.exe => No running process found
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ConvertAd => Value not found.
    "C:\Users\CARL\AppData\Local\ConvertAd" => File/Directory not found.
    HKU\S-1-5-21-201924879-2192290182-1421096681-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Super Optimizer => Value not found.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{7e8cd3ea-a4d1-48f5-9fae-c8fe18e94ee6} => Value not found.
    "HKCR\CLSID\{7e8cd3ea-a4d1-48f5-9fae-c8fe18e94ee6}" => Key not found.
    "HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001" => Error deleting key. The key could be protected.
    "HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002" => Error deleting key. The key could be protected.
    "HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003" => Error deleting key. The key could be protected.
    "HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004" => Error deleting key. The key could be protected.
    "HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015" => Error deleting key. The key could be protected.
    "HKLM\SOFTWARE\Policies\Google" => Key not found.
    MyOSProtect => Service not found.
    "C:\Program Files\Web Protect" => File/Directory not found.

     

    moving on to malwarebytes



    #65 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 01 October 2014 - 12:59 PM

    You used an older fixlist, wont work, just drag it to the trash, this is the new one

     

    Start
    R1 pcwatch; C:\Windows\system32\Drivers\pcwatch.sys [20480 2014-09-01] () [File not signed] <==== ATTENTION
    C
    :\Windows\system32\Drivers\pcwatch.sys
    c
    :\windows\system32\myosprotect.dll 
    2014-09-02 12:55 - 2014-09-02 12:55 - 00034244 _____ () C:\monitorsvc.exe
    2014-09-02 11:21 - 2014-09-02 11:21 - 00634880 _____ () C:\DirectControl.exe
    Hosts:
    EmptyTemp:
    End



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #66 cstruck

    cstruck

      Authentic Member

    • Authentic Member
    • PipPip
    • 80 posts

    Posted 01 October 2014 - 01:24 PM

    the scan supposedly worked but when I tried to cut and paste it didn't work and when I tried to export it I got a runtime error.

    #67 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 01 October 2014 - 01:32 PM

    I need to see the fixlog, it should be on your desktop.  Are you talking about Malwarebytes giving you that error ?

     

    Post the fixlog and then run a new scan with FRST, check Additions and post both logs and lets see where we stand

     

     

    FYI, been at this for a very long time and infections come and go, this one is fairly new, when i researched it on a lot of malware removal forums it looked like Malwarebytes removed it



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #68 cstruck

    cstruck

      Authentic Member

    • Authentic Member
    • PipPip
    • 80 posts

    Posted 01 October 2014 - 01:35 PM

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 27-09-2014
    Ran by CARL at 2014-10-01 14:27:17 Run:2
    Running from C:\Users\CARL\Desktop
    Loaded Profile: CARL (Available profiles: CARL & Liza)
    Boot Mode: Normal

    ==============================================

    Content of fixlist:
    *****************
    Start
    R1 pcwatch; C:\Windows\system32\Drivers\pcwatch.sys [20480 2014-09-01] () [File not signed] <==== ATTENTION
    C:\Windows\system32\Drivers\pcwatch.sys
    c:\windows\system32\myosprotect.dll
    2014-09-02 12:55 - 2014-09-02 12:55 - 00034244 _____ () C:\monitorsvc.exe
    2014-09-02 11:21 - 2014-09-02 11:21 - 00634880 _____ () C:\DirectControl.exe
    Hosts:
    EmptyTemp:
    End
    *****************

    pcwatch => Unable to stop service
    pcwatch => Error deleting Service
    Could not move "C:\Windows\system32\Drivers\pcwatch.sys" => Scheduled to move on reboot.
    Could not move "c:\windows\system32\myosprotect.dll" => Scheduled to move on reboot.
    Could not move "C:\monitorsvc.exe" => Scheduled to move on reboot.
    C:\DirectControl.exe => Moved successfully.
    C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
    Hosts was reset successfully.
    EmptyTemp: => Removed 6.8 MB temporary data.

    => Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-10-01 14:32:09)<=

    "C:\Windows\system32\Drivers\pcwatch.sys" => File could not move.
    "c:\windows\system32\myosprotect.dll" => File could not move.
    "C:\monitorsvc.exe" => File could not move.

    ==== End of Fixlog ====

     

    will scan next.  thanks for your patience.



    #69 cstruck

    cstruck

      Authentic Member

    • Authentic Member
    • PipPip
    • 80 posts

    Posted 01 October 2014 - 01:54 PM

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-09-2014
    Ran by CARL (administrator) on CARL-PC on 01-10-2014 14:36:15
    Running from C:\Users\CARL\Desktop
    Loaded Profile: CARL (Available profiles: CARL & Liza)
    Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
    (Realtek Semiconductor) C:\Windows\RTKAUDIOSERVICE.EXE
    (Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
    (Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
    (InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
    () C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
    (Intuit) C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
    (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    (Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
    (Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
    () C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
    (Microsoft Corporation) C:\Windows\System32\schtasks.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
    (Sony Electronics, Inc.) C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe
    (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Sony Corporation) C:\Program Files\Sony\ISB Utility\ISBMgr.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
    (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe
    () C:\Program Files\Sony Corporation\SmartWi Connection Utility\CCP.exe
    () C:\Program Files\Sony Corporation\SmartWi Connection Utility\PowerManager.exe
    () C:\Program Files\Sony Corporation\SmartWi Connection Utility\ThirdPartyAppMgr.exe
    (Sony Electronics, Inc.) C:\Program Files\Sony Corporation\SmartWi Connection Utility\UIManager.exe



    #70 cstruck

    cstruck

      Authentic Member

    • Authentic Member
    • PipPip
    • 80 posts

    Posted 01 October 2014 - 01:54 PM

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-09-2014
    Ran by CARL at 2014-10-01 14:37:55
    Running from C:\Users\CARL\Desktop
    Boot Mode: Normal
    ==========================================================

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
    AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Bitdefender Firewall (Disabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
    32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
    4500_Help (Version: 1.00.0000 - Hewlett-Packard) Hidden
    Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
    Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
    Adobe AIR (Version: 2.6.0.19140 - Adobe Systems Incorporated) Hidden
    Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
    Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.3) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
    ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
    Bing Bar (HKLM\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
    Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 17.26.0.1106 - Bitdefender)
    bpd_scan (Version: 3.00.0000 - Hewlett-Packard) Hidden
    BPDSoftware (Version: 50.0.165.000 - Hewlett-Packard) Hidden
    BPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) Hidden
    BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
    Canon MP Navigator EX 2.0 (HKLM\...\MP Navigator EX 2.0) (Version:  - )
    Canon MP240 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP240_series) (Version:  - )
    Canon MP240 series User Registration (HKLM\...\Canon MP240 series User Registration) (Version:  - )
    Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
    Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
    Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )
    Click to Disc (HKLM\...\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}) (Version: 1.2.00.06190 - Sony Corporation)
    Click to Disc (Version: 1.2.00.06190 - Sony Corporation) Hidden
    Click to Disc Editor (HKLM\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 1.2.00 - Sony Corporation)
    Click to Disc Editor (Version: 1.2.00 - Sony Corporation) Hidden
    Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
    DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Elevated Installer (Version: 3.2.16.0 - Garmin Ltd or its subsidiaries) Hidden
    Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
    Garmin Express (HKLM\...\{817c6bb8-ea2d-4e12-abbc-e33c3de43f64}) (Version: 3.2.16.0 - Garmin Ltd or its subsidiaries)


      Advertisements

    Register to Remove


    #71 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 01 October 2014 - 03:20 PM

    Hi, the new scans are not complete logs



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #72 cstruck

    cstruck

      Authentic Member

    • Authentic Member
    • PipPip
    • 80 posts

    Posted 01 October 2014 - 08:28 PM

    Sorry about that. 

     

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-09-2014
    Ran by CARL (administrator) on CARL-PC on 01-10-2014 14:36:15
    Running from C:\Users\CARL\Desktop
    Loaded Profile: CARL (Available profiles: CARL & Liza)
    Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
    (Realtek Semiconductor) C:\Windows\RTKAUDIOSERVICE.EXE
    (Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
    (Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
    (InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
    () C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
    (Intuit) C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
    (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    (Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
    (Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
    () C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
    (Microsoft Corporation) C:\Windows\System32\schtasks.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
    (Sony Electronics, Inc.) C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe
    (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Sony Corporation) C:\Program Files\Sony\ISB Utility\ISBMgr.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
    (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe
    () C:\Program Files\Sony Corporation\SmartWi Connection Utility\CCP.exe
    () C:\Program Files\Sony Corporation\SmartWi Connection Utility\PowerManager.exe
    () C:\Program Files\Sony Corporation\SmartWi Connection Utility\ThirdPartyAppMgr.exe
    (Sony Electronics, Inc.) C:\Program Files\Sony Corporation\SmartWi Connection Utility\UIManager.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe

    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [VWLASU] => C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe [24576 2008-05-20] (Sony Electronics, Inc.)
    HKLM\...\Run: [VAIOSurvey] => C:\Program Files\Sony\VAIO Survey\VAIO Sat Survey.exe [385024 2008-07-25] ()
    HKLM\...\Run: [VAIOMyMemCenter] => C:\Program Files\Sony\VAIO My Memory Center\VAIO MyMemCenter.exe [679936 2008-02-29] ()
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [835584 2007-03-09] (Synaptics, Inc.)
    HKLM\...\Run: [SmartWiHelper] => C:\Program Files\Sony Corporation\SmartWi Connection Utility\SmartWiHelper.exe [77824 2008-06-27] (Sony Electronics Corporation)
    HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2008-07-02] (Realtek Semiconductor Corp.)
    HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6295552 2008-07-02] (Realtek Semiconductor)
    HKLM\...\Run: [MDS_Menu] => C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
    HKLM\...\Run: [ISBMgr.exe] => C:\Program Files\Sony\ISB Utility\ISBMgr.exe [317280 2008-04-03] (Sony Corporation)
    HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-10] (CANON INC.)
    HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1848648 2008-03-03] (CANON INC.)
    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-03] (Adobe Systems Incorporated)
    HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1837336 2014-08-13] (Bitdefender)
    Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll (Sony Corporation)
    HKU\S-1-5-21-201924879-2192290182-1421096681-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [65024 2009-07-13] (Microsoft Corporation)
    HKU\S-1-5-21-201924879-2192290182-1421096681-1000\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-21-201924879-2192290182-1421096681-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [482392 2014-08-13] (Bitdefender)
    HKU\S-1-5-21-201924879-2192290182-1421096681-1000\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [901608 2014-08-13] (Bitdefender)
    HKU\S-1-5-21-201924879-2192290182-1421096681-1000\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe [615256 2014-08-13] (Bitdefender)
    HKU\S-1-5-18\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [482392 2014-08-13] (Bitdefender)
    HKU\S-1-5-18\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [901608 2014-08-13] (Bitdefender)
    HKU\S-1-5-18\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe [615256 2014-08-13] (Bitdefender)
    HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [688984 2014-07-23] (Garmin Ltd or its subsidiaries)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
    ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
    Startup: C:\Users\Liza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
    ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
    ShellIconOverlayIdentifiers: AOLOverlayIcon -> {AB0C8BE3-041C-47d6-8195-E089D32B38DD} => C:\DDI\overicon.dll (TODO: <Company name>)
    ShellIconOverlayIdentifiers: __SafeBox1 -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
    ShellIconOverlayIdentifiers: __SafeBox2 -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
    ShellIconOverlayIdentifiers: __SafeBox3 -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
    ShellIconOverlayIdentifiers: __SafeBox4 -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x16A6F450C046CB01
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    BHO: PE_IE_Helper Class -> {0941C58F-E461-4E03-BD7D-44C27392ADE1} -> C:\Program Files\IBM\Lotus Forms\Viewer\3.5\PEhelper.dll (IBM Corporation)
    BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
    BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
    BHO: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
    Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
    Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    DPF: {74F4F118-91E6-4AFC-B8D2-04066781F239} https://www.member-d...dc/EZTwainX.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
    Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
    Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
    Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Winsock: Catalog9 01 C:\Windows\system32\MyOSProtect.dll [304776] (MyOSCompany)
    Winsock: Catalog9 02 C:\Windows\system32\MyOSProtect.dll [304776] (MyOSCompany)
    Winsock: Catalog9 03 C:\Windows\system32\MyOSProtect.dll [304776] (MyOSCompany)
    Winsock: Catalog9 04 C:\Windows\system32\MyOSProtect.dll [304776] (MyOSCompany)
    Winsock: Catalog9 15 C:\Windows\system32\MyOSProtect.dll [304776] (MyOSCompany)
    Tcpip\Parameters: [DhcpNameServer] 216.177.160.61 216.177.160.60

    FireFox:
    ========
    FF ProfilePath: C:\Users\CARL\AppData\Roaming\Mozilla\Firefox\Profiles\f8su429z.default
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
    FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\10\NP_wtapp.dll ()
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: @movenetworks.com/Quantum Media Player -> C:\Users\CARL\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-24]
    FF HKLM\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\ffpwdman
    FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\ffpwdman [2014-03-26]
    FF HKLM\...\Firefox\Extensions: [termtutor@termtutor.com] - C:\Program Files\Mozilla Firefox\extensions\termtutor@termtutor.com
    FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
    FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-03-26]
    FF HKCU\...\Firefox\Extensions: [moveplayer@movenetworks.com] - C:\Users\CARL\AppData\Roaming\Move Networks
    FF Extension: Move Media Player - C:\Users\CARL\AppData\Roaming\Move Networks [2009-05-07]

    Chrome:
    =======
    CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\37.0.2062.124\pdf.dll ()
    CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\37.0.2062.124\gcswf32.dll No File
    CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
    CHR Plugin: (Skype Toolbars) - C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7280_0\npSkypeChromePlugin.dll No File
    CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
    CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
    CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    CHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll No File
    CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (Move Streaming Media Player) - C:\Users\CARL\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
    CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
    CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    CHR Plugin: (Default Plug-in) - default_plugin No File
    CHR CustomProfile: C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Entanglement Web App) - C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2011-05-17]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-24]
    CHR Extension: (Bitdefender Wallet) - C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-03-26]
    CHR Extension: (Skype Click to Call) - C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2011-05-04]
    CHR Extension: (Poppit!) - C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2011-05-17]
    CHR Extension: (Google Wallet) - C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
    CHR HKLM\...\Chrome\Extension: [aaaajhhckaajldjhmbpgleomemmpopjp] - C:\Windows\system32\config\systemprofile\AppData\Local\bandoomusictoolbar\GC\toolbar.crx [2013-06-07]
    CHR HKLM\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\pmbxcr.crx [2014-03-26]
    CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]

    ========================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [69880 2014-08-13] (Bitdefender)
    R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-07-23] (Garmin Ltd or its subsidiaries)
    R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
    R2 MotoHelper; C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe [226624 2011-01-27] ()
    S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [53248 2008-05-20] (Sony Corporation) [File not signed]
    R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
    S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [53248 2008-05-20] (Sony Corporation) [File not signed]
    R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
    R2 QBCFMonitorService; C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [20480 2007-11-12] (Intuit) [File not signed]
    S3 QBFCService; C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2007-05-24] (Intuit Inc.) [File not signed]
    R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [81704 2013-07-08] (Bitdefender)
    S3 scan; C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll [480368 2014-09-17] (Bitdefender)
    S3 SOHCImp; C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe [103712 2008-05-20] (Sony Corporation)
    S3 SOHDms; C:\Program Files\Sony\VAIO Media plus\SOHDms.exe [353568 2008-05-20] (Sony Corporation)
    S3 SOHDs; C:\Program Files\Sony\VAIO Media plus\SOHDs.exe [62752 2008-05-20] (Sony Corporation)
    S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [77824 2008-05-20] (Sony Corporation) [File not signed]
    R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [54424 2014-08-13] (Bitdefender)
    S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2008-05-22] (Sony Corporation) [File not signed]
    R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [182112 2008-07-15] (Sony Corporation)
    R2 VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [411488 2008-06-19] (Sony Corporation)
    R2 VCFw; C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [415744 2008-06-20] (Sony Corporation) [File not signed]
    S3 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [337184 2008-06-11] (Sony Corporation)
    R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [279848 2008-06-19] (Sony Corporation)
    R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1251808 2014-08-13] (Bitdefender)
    R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2008-05-22] (Sony Corporation) [File not signed]
    S3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1060312 2014-08-13] (BitDefender)
    R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [242504 2012-11-02] (BitDefender)
    S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [528248 2014-08-13] (BitDefender)
    R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [77632 2014-05-26] (BitDefender LLC)
    R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [90704 2011-11-14] (BitDefender LLC)
    S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [108008 2013-07-02] (Bitdefender SRL)
    S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [66832 2013-11-04] (BitDefender SRL)
    R1 bdselfpr; C:\Program Files\Bitdefender\Bitdefender\bdselfpr.sys [135600 2013-07-26] (BitDefender LLC)
    R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [72704 2012-04-17] (BitDefender)
    S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
    R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [165744 2013-08-23] (BitDefender LLC)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-10-01] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
    S3 OlyCamComm; C:\Windows\System32\DRIVERS\OlyCamComm.sys [21648 2009-09-10] (OLYMPUS IMAGING CORP.)
    R1 pcwatch; C:\Windows\system32\Drivers\pcwatch.sys [20480 2014-09-01] () [File not signed] <==== ATTENTION
    R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [385096 2014-08-13] (BitDefender S.R.L.)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
    S3 catchme; \??\C:\Users\CARL\AppData\Local\Temp\catchme.sys [X]
    S1 ttnfd; system32\drivers\ttnfd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-10-01 12:28 - 2014-10-01 12:34 - 00003088 _____ () C:\Users\CARL\Desktop\Rkill.txt
    2014-10-01 12:27 - 2014-10-01 12:27 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\CARL\Desktop\rkill.exe
    2014-10-01 08:17 - 2014-10-01 08:17 - 00146960 _____ () C:\Windows\Minidump\100114-22120-01.dmp
    2014-10-01 08:12 - 2014-10-01 08:16 - 00000000 ___SD () C:\ComboFix
    2014-10-01 06:54 - 2014-10-01 11:39 - 00051920 _____ () C:\Users\CARL\Desktop\Addition.txt
    2014-10-01 06:52 - 2014-10-01 14:36 - 00025127 _____ () C:\Users\CARL\Desktop\FRST.txt
    2014-09-30 23:26 - 2014-09-30 23:26 - 00000000 ____D () C:\Users\Liza\AppData\Local\{709843D9-5A76-4B14-BE48-BD68AC33B06D}
    2014-09-30 22:21 - 2014-09-30 22:21 - 00186880 _____ (CEXX.ORG) C:\Users\CARL\Desktop\LSPFix.exe
    2014-09-30 13:33 - 2014-09-24 18:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
    2014-09-29 19:09 - 2014-09-30 07:17 - 00000000 ____D () C:\Users\CARL\Documents\Katie
    2014-09-28 19:47 - 2014-09-28 19:48 - 00146952 _____ () C:\Windows\Minidump\092814-23743-01.dmp
    2014-09-28 14:10 - 2014-09-28 14:10 - 00146960 _____ () C:\Windows\Minidump\092814-23556-01.dmp
    2014-09-28 14:00 - 2014-10-01 08:14 - 00000000 ____D () C:\Qoobox
    2014-09-28 14:00 - 2014-09-30 22:51 - 00000000 ____D () C:\Windows\erdnt
    2014-09-28 14:00 - 2011-06-25 23:45 - 00256000 _____ () C:\Windows\PEV.exe
    2014-09-28 14:00 - 2010-11-07 10:20 - 00208896 _____ () C:\Windows\MBR.exe
    2014-09-28 14:00 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
    2014-09-28 14:00 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
    2014-09-28 14:00 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
    2014-09-28 14:00 - 2000-08-30 17:00 - 00098816 _____ () C:\Windows\sed.exe
    2014-09-28 14:00 - 2000-08-30 17:00 - 00080412 _____ () C:\Windows\grep.exe
    2014-09-28 14:00 - 2000-08-30 17:00 - 00068096 _____ () C:\Windows\zip.exe
    2014-09-28 13:52 - 2014-09-28 13:52 - 05582345 ____R (Swearware) C:\Users\CARL\Desktop\ComboFix.exe
    2014-09-27 17:14 - 2014-10-01 13:45 - 00000000 ____D () C:\Users\CARL\Malware fixes
    2014-09-27 13:38 - 2014-09-27 13:38 - 00000000 ____D () C:\Users\Liza\AppData\Local\{BC296350-9826-4461-89ED-ACC5B53B0351}
    2014-09-27 10:20 - 2014-09-27 10:20 - 01100288 _____ (Farbar) C:\Users\CARL\Desktop\FRST.exe
    2014-09-27 06:40 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
    2014-09-27 06:04 - 2014-09-27 06:20 - 00000530 _____ () C:\Users\CARL\Downloads\Result.txt
    2014-09-27 05:26 - 2014-10-01 14:31 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-09-27 05:25 - 2014-09-27 05:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-09-27 05:25 - 2014-09-27 05:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-09-27 05:25 - 2014-09-27 05:25 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
    2014-09-27 05:25 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-09-27 05:25 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-09-27 05:25 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-09-27 05:00 - 2014-09-27 05:00 - 00000000 ____D () C:\Windows\ERUNT
    2014-09-27 04:53 - 2014-09-27 04:53 - 01699276 _____ (Thisisu) C:\Users\CARL\Downloads\JRT.exe
    2014-09-26 21:21 - 2014-09-26 21:21 - 00000000 ____D () C:\Users\CARL\AppData\Local\Macromedia
    2014-09-26 21:20 - 2014-09-26 21:20 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2014-09-26 21:20 - 2014-09-26 21:20 - 00000000 ____D () C:\Users\CARL\AppData\Roaming\Mozilla
    2014-09-26 21:20 - 2014-09-26 21:20 - 00000000 ____D () C:\Users\CARL\AppData\Local\Mozilla
    2014-09-26 21:19 - 2014-09-26 21:19 - 00244136 _____ () C:\Users\CARL\Downloads\Firefox Setup Stub 32.0.3.exe
    2014-09-26 20:33 - 2014-10-01 14:36 - 00000000 ____D () C:\FRST
    2014-09-26 17:31 - 2014-09-26 17:31 - 00000000 ____D () C:\Users\Liza\AppData\Local\{D1075A40-3AD6-48F8-8D80-DB28A94191A8}
    2014-09-25 13:02 - 2014-09-25 13:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
    2014-09-24 21:53 - 2014-09-26 07:50 - 00000065 _____ () C:\Users\CARL\AppData\Roaming\WB.CFG
    2014-09-24 20:53 - 2014-09-24 20:53 - 00000000 ____D () C:\Users\CARL\AppData\Local\IsolatedStorage
    2014-09-24 20:11 - 2014-09-24 20:11 - 00000000 ____D () C:\Users\Liza\AppData\Local\{E1B82B34-94F7-4795-A227-A07AC026C3C1}
    2014-09-24 15:21 - 2014-09-24 21:58 - 01454922 _____ () C:\Users\CARL\Documents\Kanto.pptx
    2014-09-24 14:20 - 2014-09-24 14:59 - 02382044 _____ () C:\Users\CARL\Downloads\David_Mythology (1).pptx
    2014-09-24 10:02 - 2014-09-24 10:02 - 03675824 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
    2014-09-23 19:26 - 2014-09-23 19:26 - 00147016 _____ () C:\Windows\Minidump\092314-80558-01.dmp
    2014-09-23 17:50 - 2014-09-23 17:50 - 00000000 ____D () C:\Users\Liza\AppData\Local\{E36305E3-28E3-4440-9CEA-6993EEE77436}
    2014-09-23 17:44 - 2014-09-24 15:02 - 02382035 _____ () C:\Users\CARL\Documents\David_Mythology.pptx
    2014-09-23 17:05 - 2014-09-01 11:29 - 00020480 _____ () C:\Windows\system32\Drivers\pcwatch.sys
    2014-09-23 17:03 - 2014-09-23 17:03 - 18581088 _____ () C:\Users\CARL\Downloads\YGOPro DevPro.zip.thxo3ui.partial
    2014-09-23 17:03 - 2014-09-01 11:28 - 00304776 _____ (MyOSCompany) C:\Windows\system32\MyOSProtect.dll
    2014-09-23 14:50 - 2014-09-24 15:21 - 01208942 _____ () C:\Users\CARL\Downloads\New_Microsoft_PowerPoint_Presentation.pptx
    2014-09-23 13:51 - 2014-09-23 14:37 - 02486374 _____ () C:\Users\CARL\Downloads\David_Mythology.pptx
    2014-09-23 12:39 - 2014-09-09 14:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2014-09-22 16:10 - 2014-09-22 16:10 - 00918440 _____ (Oracle Corporation) C:\Users\CARL\Downloads\JavaSetup7u67.com
    2014-09-22 16:02 - 2014-09-22 16:02 - 00000000 ____D () C:\ProgramData\Oracle
    2014-09-19 06:27 - 2014-09-19 06:27 - 00000000 ____D () C:\Users\Liza\AppData\Local\{20373E10-274A-4A68-A976-51CB8838D089}
    2014-09-18 15:01 - 2014-08-19 10:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-09-18 15:01 - 2014-08-18 14:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-09-18 15:01 - 2014-08-18 14:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-09-18 15:01 - 2014-08-18 14:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-09-18 15:01 - 2014-08-18 14:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-09-18 15:01 - 2014-08-18 14:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-09-18 15:01 - 2014-08-18 14:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-09-18 15:01 - 2014-08-18 14:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-09-18 15:01 - 2014-08-18 14:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-09-18 15:01 - 2014-08-18 14:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-09-18 15:01 - 2014-08-18 14:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-09-18 15:01 - 2014-08-18 14:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-09-18 15:01 - 2014-08-18 14:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-09-18 15:01 - 2014-08-18 14:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-09-18 15:01 - 2014-08-18 14:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-09-18 15:01 - 2014-08-18 14:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-09-18 15:01 - 2014-08-18 14:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-09-18 15:01 - 2014-08-18 14:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-09-18 15:01 - 2014-08-18 14:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-09-18 15:01 - 2014-08-18 14:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-09-18 15:01 - 2014-08-18 14:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-09-18 15:01 - 2014-08-18 14:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-09-18 15:01 - 2014-08-18 14:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-09-18 15:01 - 2014-08-18 13:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-09-18 15:00 - 2014-08-18 15:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-09-18 15:00 - 2014-08-18 15:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-09-18 15:00 - 2014-08-18 14:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-09-18 15:00 - 2014-08-18 14:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-09-18 15:00 - 2014-08-18 13:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-09-18 15:00 - 2014-08-18 13:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-09-18 15:00 - 2014-06-26 18:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2014-09-17 08:56 - 2014-07-06 18:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2014-09-17 08:56 - 2014-07-06 18:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-09-17 08:55 - 2014-09-04 18:52 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-09-17 08:55 - 2014-09-04 18:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-09-17 08:55 - 2014-08-01 04:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
    2014-09-17 08:55 - 2014-06-23 19:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2014-09-16 22:47 - 2014-09-18 14:27 - 00000000 ____D () C:\Users\Liza\AppData\Local\{5EB1F283-A6CA-4AF7-9D54-CA3B9F6782B4}
    2014-09-16 19:49 - 2014-09-16 19:49 - 00000000 ____D () C:\found.000
    2014-09-13 01:51 - 2014-09-13 01:51 - 00000000 ____D () C:\Users\Liza\AppData\Local\{F5899911-E6E6-4F67-82C6-BD68481CA883}
    2014-09-12 21:19 - 2014-09-12 21:19 - 00000000 ____D () C:\Users\Liza\AppData\Local\{3A5CF58D-05AD-4421-8942-EA191F6D89C7}
    2014-09-12 21:15 - 2014-09-12 21:15 - 01510144 _____ () C:\Windows\Minidump\091214-45583-01.dmp
    2014-09-06 03:51 - 2014-09-06 03:51 - 00000000 ____D () C:\Users\Liza\AppData\Local\{7825CC49-70F8-493E-88C9-B07B93EB1007}
    2014-09-05 10:15 - 2014-09-05 10:15 - 00000000 ____D () C:\Users\Liza\AppData\Local\{7771BBE8-4AA6-4FE3-9C86-A5E64EC94CA1}
    2014-09-04 05:01 - 2014-09-04 22:14 - 00000000 ____D () C:\Users\Liza\AppData\Local\{EAF1BEA1-C915-4AB8-9435-5AC345EB9F88}
    2014-09-04 03:58 - 2014-08-22 18:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-09-04 03:58 - 2014-08-22 17:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-09-04 03:51 - 2014-05-14 09:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2014-09-04 03:51 - 2014-05-14 09:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2014-09-04 03:51 - 2014-05-14 09:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2014-09-04 03:51 - 2014-05-14 09:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2014-09-04 03:50 - 2014-05-14 09:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2014-09-04 03:50 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2014-09-04 03:50 - 2014-05-14 09:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2014-09-04 03:50 - 2014-05-14 09:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2014-09-04 03:50 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2014-09-02 12:55 - 2014-09-02 12:55 - 00034244 _____ () C:\monitorsvc.exe

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-10-01 14:36 - 2011-05-04 15:42 - 01545103 _____ () C:\Windows\WindowsUpdate.log
    2014-10-01 14:31 - 2012-02-14 17:28 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cceb78bbbe067a.job
    2014-10-01 14:31 - 2010-03-14 13:07 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-10-01 14:29 - 2009-07-13 21:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-10-01 14:29 - 2009-07-13 21:39 - 01510541 _____ () C:\Windows\setupact.log
    2014-10-01 14:28 - 2011-05-04 15:28 - 00286214 _____ () C:\Windows\PFRO.log
    2014-10-01 14:19 - 2012-02-14 17:28 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cceb78bf10241d.job
    2014-10-01 14:07 - 2010-03-14 13:07 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-10-01 14:02 - 2012-08-31 15:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-10-01 14:01 - 2011-05-04 15:05 - 00018544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-10-01 14:01 - 2011-05-04 15:05 - 00018544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-10-01 11:45 - 2011-12-01 19:51 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-201924879-2192290182-1421096681-1001UA.job
    2014-10-01 08:17 - 2011-07-30 11:43 - 384205671 _____ () C:\Windows\MEMORY.DMP
    2014-10-01 08:17 - 2011-07-30 11:43 - 00000000 ____D () C:\Windows\Minidump
    2014-10-01 07:11 - 2010-09-11 07:57 - 00000000 ____D () C:\Users\Liza\Tracing
    2014-09-30 23:03 - 2009-07-13 19:37 - 00000000 ___RD () C:\Users\Public
    2014-09-30 22:56 - 2009-07-13 19:04 - 00000215 _____ () C:\Windows\system.ini
    2014-09-30 22:52 - 2009-07-13 19:03 - 64487424 _____ () C:\Windows\system32\config\SOFTWARE.bak
    2014-09-30 22:52 - 2009-07-13 19:03 - 19660800 _____ () C:\Windows\system32\config\SYSTEM.bak
    2014-09-30 22:52 - 2009-07-13 19:03 - 01048576 _____ () C:\Windows\system32\config\DEFAULT.bak
    2014-09-30 22:52 - 2009-07-13 19:03 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
    2014-09-30 22:52 - 2009-07-13 19:03 - 00090112 _____ () C:\Windows\system32\config\SAM.bak
    2014-09-30 22:11 - 2011-12-01 19:51 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-201924879-2192290182-1421096681-1001Core.job
    2014-09-27 18:04 - 2011-05-04 15:06 - 00000000 ____D () C:\Users\CARL
    2014-09-27 11:16 - 2011-04-11 21:52 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-09-27 09:54 - 2013-09-30 20:45 - 00000000 ____D () C:\Program Files\Mozilla Firefox
    2014-09-27 06:47 - 2009-01-09 22:21 - 00000000 ____D () C:\TEMP
    2014-09-27 06:44 - 2012-06-27 12:00 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
    2014-09-27 05:39 - 2011-02-02 01:33 - 00000000 ____D () C:\ProgramData\Temp
    2014-09-26 21:20 - 2012-06-27 12:00 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2014-09-25 19:50 - 2010-09-10 16:01 - 00000000 ____D () C:\Users\Liza\Documents\Katie
    2014-09-24 20:56 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\Microsoft.NET
    2014-09-24 20:53 - 2009-06-06 06:26 - 00000907 _____ () C:\Users\CARL\Desktop\Launch Internet Explorer Browser.lnk
    2014-09-24 13:07 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\NDF
    2014-09-24 12:29 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\rescache
    2014-09-24 10:02 - 2012-03-30 16:23 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2014-09-24 10:02 - 2011-05-19 14:16 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
    2014-09-19 06:47 - 2014-07-31 11:57 - 00203574 _____ () C:\Users\CARL\Desktop\1checking.xlsx
    2014-09-18 15:03 - 2008-08-21 00:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-09-18 15:00 - 2013-08-15 11:44 - 00000000 ____D () C:\Windows\system32\MRT
    2014-09-18 14:37 - 2014-05-07 06:27 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-09-18 14:37 - 2011-05-17 10:41 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-09-18 14:33 - 2011-05-04 15:49 - 00775124 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-09-17 14:36 - 2014-02-04 01:45 - 00000000 ____D () C:\Users\Liza\Documents\Retirement
    2014-09-06 03:49 - 2009-07-13 21:33 - 00371536 _____ () C:\Windows\system32\FNTCACHE.DAT

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2014-09-27 17:54

    ==================== End Of Log ============================



    #73 cstruck

    cstruck

      Authentic Member

    • Authentic Member
    • PipPip
    • 80 posts

    Posted 01 October 2014 - 08:30 PM

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-09-2014
    Ran by CARL at 2014-10-01 14:37:55
    Running from C:\Users\CARL\Desktop
    Boot Mode: Normal
    ==========================================================

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
    AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Bitdefender Firewall (Disabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
    32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
    4500_Help (Version: 1.00.0000 - Hewlett-Packard) Hidden
    Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
    Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
    Adobe AIR (Version: 2.6.0.19140 - Adobe Systems Incorporated) Hidden
    Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
    Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.3) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
    ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
    Bing Bar (HKLM\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
    Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 17.26.0.1106 - Bitdefender)
    bpd_scan (Version: 3.00.0000 - Hewlett-Packard) Hidden
    BPDSoftware (Version: 50.0.165.000 - Hewlett-Packard) Hidden
    BPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) Hidden
    BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
    Canon MP Navigator EX 2.0 (HKLM\...\MP Navigator EX 2.0) (Version:  - )
    Canon MP240 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP240_series) (Version:  - )
    Canon MP240 series User Registration (HKLM\...\Canon MP240 series User Registration) (Version:  - )
    Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
    Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
    Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )
    Click to Disc (HKLM\...\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}) (Version: 1.2.00.06190 - Sony Corporation)
    Click to Disc (Version: 1.2.00.06190 - Sony Corporation) Hidden
    Click to Disc Editor (HKLM\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 1.2.00 - Sony Corporation)
    Click to Disc Editor (Version: 1.2.00 - Sony Corporation) Hidden
    Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
    DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Elevated Installer (Version: 3.2.16.0 - Garmin Ltd or its subsidiaries) Hidden
    Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
    Garmin Express (HKLM\...\{817c6bb8-ea2d-4e12-abbc-e33c3de43f64}) (Version: 3.2.16.0 - Garmin Ltd or its subsidiaries)
    Garmin Express (Version: 3.2.16.0 - Garmin Ltd or its subsidiaries) Hidden
    Garmin Express Tray (Version: 3.2.16.0 - Garmin Ltd or its subsidiaries) Hidden
    Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
    Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
    Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
    HDAUDIO SoftV92 Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200) (Version:  - )
    HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
    IBM Lotus Forms Viewer 3.5.1 (HKLM\...\{A0BBF7AB-2F47-47DC-BB02-4C826F2BC73C}) (Version: 7.6.1.333 - IBM)
    Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
    J4500 (Version: 50.0.165.000 - Hewlett-Packard) Hidden
    Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
    JoJo's Fashion Show (Version: 2.2.0.95 - WildTangent) Hidden
    Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
    Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
    Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
    Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
    Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
    Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
    Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Standard 2007 (HKLM\...\STANDARDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Standard 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
    Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
    Microsoft Works (HKLM\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
    MotoHelper 2.0.45 Driver 5.0.0 (HKLM\...\MotoHelper) (Version: 2.0.45 - Motorola)
    MotoHelper MergeModules (Version: 1.2.0 - Motorola) Hidden
    Motorola Mobile Drivers Installation 5.0.0 (Version: 5.0.0 - Motorola Inc.) Hidden
    Move Media Player (HKCU\...\Move Media Player) (Version:  - Move Networks)
    Mozilla Firefox 32.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
    MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
    Music Transfer (HKLM\...\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}) (Version: 1.2.00.17290 - Sony Corporation)
    OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
    Officejet J4500 Series (HKLM\...\{E11448F2-0B44-4239-B04E-D88FE743E929}) (Version: 13.0 - HP)
    OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
    OLYMPUS ib (HKLM\...\InstallShield_{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}) (Version: 1.1.1404 - OLYMPUS IMAGING CORP.)
    OLYMPUS ib (Version: 1.1.1404 - OLYMPUS IMAGING CORP.) Hidden
    OpenMG Secure Module 5.1.00 (Version: 5.1.00.05200 - Sony Corporation) Hidden
    Plants vs. Zombies - Game of the Year (Version: 2.2.0.98 - WildTangent) Hidden
    Pokémon Trading Card Game Online (HKLM\...\{D81F39D4-FDA9-4356-92B1-16081D8BF71A}) (Version: 1.0.0 - The Pokémon Company International)
    Primo (Version: 1.00.0000 - Your Company Name) Hidden
    ProductContext (Version: 50.0.165.000 - Hewlett-Packard) Hidden
    QuickBooks Simple Start 2008 (HKLM\...\{8ECB8220-F419-4BEB-9596-97033C533702}) (Version: 18.0.4003.606 - Intuit Inc.)
    Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  - Realtek Semiconductor Corp.)
    Roxio Central Audio (Version: 3.7.0 - Roxio) Hidden
    Roxio Central Copy (Version: 3.7.0 - Roxio) Hidden
    Roxio Central Core (Version: 3.7.0 - Roxio) Hidden
    Roxio Central Data (Version: 3.7.0 - Roxio) Hidden
    Roxio Central Tools (Version: 3.7.0 - Roxio) Hidden
    Roxio Easy Media Creator 10 LJ (HKLM\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.1 - Roxio)
    Roxio Easy Media Creator Home (Version: 10.1.177 - Roxio) Hidden
    Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
    Setting Utility Series (HKLM\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 4.1.00.07290 - Sony Corporation)
    Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
    Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
    Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
    SmartWi Connection Utility (HKLM\...\{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}) (Version: 4.4.0.20080627.1647 - Sony Corporation)
    Sony Picture Utility (HKLM\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 3.2.02.06170 - Sony Corporation)
    Sony Video Shared Library (HKLM\...\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}) (Version: 3.4.00 - Sony Corporation)
    Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
    SupportSoft Assisted Service (HKLM\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.13.0 - Synaptics)
    Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
    Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
    Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
    Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_STANDARDR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
    Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
    Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
    Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition (HKLM\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{F3F83933-75FC-4B60-84F2-3F8FA63D042E}) (Version:  - Microsoft)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_STANDARDR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
    Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
    Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
    Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
    Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_STANDARDR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
    Update Installer for WildTangent Games App (Version:  - WildTangent) Hidden
    VAIO Content Folder Setting (HKLM\...\{23825B69-36DF-4DAD-9CFD-118D11D80F16}) (Version: 2.0.00.17290 - Sony Corporation)
    VAIO Content Metadata Intelligent Analyzing Manager (HKLM\...\{FD72E69E-CF34-4071-BFD6-FD081A365E2C}) (Version: 3.2.00.06115 - Sony Corporation)
    VAIO Content Metadata Intelligent Analyzing Manager (Version: 3.2.00.06115 - Sony Corporation) Hidden
    VAIO Content Metadata Manager Setting (HKLM\...\{FE697886-F392-4E0D-A0C0-47587BF60992}) (Version: 3.2.00.06062 - Sony Corporation)
    VAIO Content Metadata Manager Setting (Version: 3.2.00.06062 - Sony Corporation) Hidden
    VAIO Content Metadata XML Interface Library (HKLM\...\{CB8A8696-93EC-414E-A752-850AB133F68A}) (Version: 3.2.00.06112 - Sony Corporation)
    VAIO Content Metadata XML Interface Library (Version: 3.2.00.06112 - Sony Corporation) Hidden
    VAIO Control Center (HKLM\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 3.1.00.07110 - Sony Corporation)
    VAIO Data Restore Tool (HKLM\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.0.04.01170 - Sony Corporation)
    VAIO DVD Menu Data Basic (HKLM\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 1.0.00.08130 - Sony Corporation)
    VAIO Entertainment Platform (HKLM\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 3.2.00.06200 - Sony Corporation)
    VAIO Entertainment Platform (Version: 3.2.00.06200 - Sony Corporation) Hidden
    VAIO Event Service (HKLM\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 4.1.00.07150 - Sony Corporation)
    VAIO Help and Support (HKLM\...\{D47FE987-EA3D-424B-9886-B752501D7CE7}) (Version: 6.00.0805.NS - Sony Corporation)
    VAIO Launcher (HKLM\...\{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}) (Version: 2.1.00.06130 - Sony Corporation)
    VAIO Media plus (HKLM\...\{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}) (Version: 1.1.00.05240 - Sony Corporation)
    VAIO Media plus (Version: 1.1.00.05240 - Sony Corporation) Hidden
    VAIO Movie Story (HKLM\...\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 1.3.00.06240 - Sony Corporation)
    VAIO Movie Story (Version: 1.3.00.06240 - Sony Corporation) Hidden
    VAIO Movie Story Template Data (HKLM\...\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 1.3.00.06120 - Sony Corporation)
    VAIO MusicBox (HKLM\...\{4EA55D20-27FB-45D7-8726-147E8A5F6C62}) (Version: 2.1.00.06110 - Sony Corporation)
    VAIO MusicBox Sample Music (HKLM\...\{98FC7A64-774B-49B5-B046-4B4EBC053FA9}) (Version: 1.1.00.14140 - Sony Corporation)
    VAIO My Memory Center (HKLM\...\{E1D25278-B51A-4163-BC3D-20A4D2D09F98}) (Version: 1.00.0229 - Sony)
    VAIO Original Function Setting (HKLM\...\{A63E7492-A0BC-4BB9-89A7-352965222380}) (Version: 1.4.00.04230 - Sony Corporation)
    VAIO Power Management (HKLM\...\{5F5867F0-2D23-4338-A206-01A76C823924}) (Version: 3.1.00.06190 - Sony Corporation)
    VAIO Presentation Support (HKLM\...\{2018C019-30D9-4240-8C01-0865C10DCF5A}) (Version: 1.0.00.04240 - Sony Corporation)
    VAIO Survey (HKLM\...\{34B37A74-125E-4406-87BA-E4BD3D097AE5}) (Version: 6.00.0722 - Sony Corporation)
    VAIO Update 4 (HKLM\...\{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}) (Version: 4.0.0.06110 - Sony Corporation)
    VAIO Wallpaper Contents (HKLM\...\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}) (Version: 1.2.00.05200 - Sony Corporation)
    VAIO Wireless Wizard (HKLM\...\{BCED773C-99EE-48DD-8915-25733F69F0A8}) (Version: 1.01.0722 - Sony)
    WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
    WildTangent Games (HKLM\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
    WildTangent Games App (Version: 4.0.10.5 - WildTangent) Hidden
    Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
    Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
    Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\E77704EF5E71F4F18CADFBFA68595AFE036D5D97) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
    Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
    Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
    Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
    Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
    Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
    Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
    Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
    Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
    Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    WinDVD for VAIO (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B9.513 - InterVideo Inc.)
    WinDVD for VAIO (Version: 8.0-B9.513 - InterVideo Inc.) Hidden
    WinZip 15.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C2}) (Version: 15.5.9468 - WinZip Computing, S.L. )
    Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version:  - )

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{1704815D-0A03-44ff-8646-1AE1FE84E313}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2008\qbw32.exe (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{8E590317-1329-11D1-B70B-00805F29CD16}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2008\qbw32.exe (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{e3e02f12-2adb-478c-8742-5f0819f9f0f4}\InprocServer32 -> C:\Users\CARL\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{e473a65c-8087-49a3-affd-c5bc4a10669b}\InprocServer32 -> C:\Users\CARL\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{FAC93D42-FFC2-11d1-9DEB-0008C7A08EBA}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2008\qbw32.exe (Intuit Inc.)
    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{fc345d4c-b8f4-4674-bff7-3c37d2e535ee}\InprocServer32 -> C:\Users\CARL\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
    CustomCLSID: HKU\S-1-5-21-201924879-2192290182-1421096681-1000_Classes\CLSID\{fd6484ed-ebe3-4c3d-938a-8238003b41b7}\InprocServer32 -> C:\Users\CARL\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll (Move Networks)

    ==================== Restore Points  =========================

    22-09-2014 23:01:10 Installed Java 7 Update 67
    24-09-2014 10:00:17 Windows Update
    25-09-2014 03:17:05 Removed Java™ SE Runtime Environment 6
    25-09-2014 20:01:58 Windows Update
    28-09-2014 21:01:06 ComboFix created restore point
    01-10-2014 05:19:44 prior to LSPfix
    01-10-2014 06:16:56 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2014-09-28 15:01 - 2014-10-01 14:27 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {1ACBDAEC-2A53-4506-A49D-D873A37BC917} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-201924879-2192290182-1421096681-1001Core => C:\Users\Liza\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
    Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
    Task: {409EF0D1-2513-4E3A-A76D-E257DF41C405} - System32\Tasks\{C3F51740-AF9E-48E9-A175-E6984F04682F} => C:\Program Files\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
    Task: {427E299A-AD91-4E61-92A9-4B996E3486BC} - System32\Tasks\MotoHelper Initial Update => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
    Task: {43EF19D6-51FA-494B-BF61-051F9A268419} - System32\Tasks\{8DDFCE64-8F19-408F-A578-FA55880C9EA4} => Chrome.exe
    Task: {43FC69D4-6AD4-4A8B-B9B2-678DCC1C260C} - System32\Tasks\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe
    Task: {4D4940F1-04EB-49F4-AAC1-63F4631A23E9} - System32\Tasks\GoogleUpdateTaskMachineUA1cceb78bf10241d => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-14] (Google Inc.)
    Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
    Task: {59EFDEC1-B8C1-4320-9CCA-B05EB79B3179} - System32\Tasks\GoogleUpdateTaskMachineCore1cceb78bbbe067a => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-14] (Google Inc.)
    Task: {5EA6180C-1E3F-497E-B3B5-845E667EC203} - System32\Tasks\MotoHelper MUM => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
    Task: {5F96E265-E858-4B4B-ADDF-F6429A8B6516} - System32\Tasks\{2CC1A021-FFE3-45A0-B851-6F2F34A41623} => Chrome.exe
    Task: {6452F7EE-CBDC-45C8-895B-781C465E6354} - System32\Tasks\MotoHelper Routing => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
    Task: {68604C8B-9D2C-489C-97FA-37A5F688EA61} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-07-23] ()
    Task: {708C4888-0606-4B4E-AF5B-6FDE8BE0A415} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks
    Task: {729EDBDB-A3BE-4D9B-A20E-4D06A20629AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-14] (Google Inc.)
    Task: {76A80074-2D6D-4C86-820D-24BBD40865DA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-201924879-2192290182-1421096681-1001UA => C:\Users\Liza\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
    Task: {76B152FC-C976-445C-AA3A-D5A807B21A05} - System32\Tasks\SONY\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe [2008-06-11] (Sony Corporation)
    Task: {A283E1E6-3AF9-4E4E-A638-A89421812F73} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files\Sony\VAIO Wallpaper Setting Tool\VWSet.exe [2008-06-27] (Sony Corporation)
    Task: {AEEC548D-24D3-45D5-BE5D-9C1F57505F50} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2009-07-13] (Microsoft Corporation)
    Task: {DCBF70A4-DDED-465D-84EB-29552F50CDBE} - System32\Tasks\MotoHelper Update => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
    Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
    Task: {EBC0B3BD-4E30-4CBF-B7E5-4CEF62D5CAD8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
    Task: {FBB48E63-E9E5-48AA-9743-88B441929985} - System32\Tasks\{84FBF9DD-3B08-439B-9B55-C2650159933F} => C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe
    Task: {FFC96332-BC48-4DF6-95C8-A5396C7B66D9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-14] (Google Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-201924879-2192290182-1421096681-1001Core.job => C:\Users\Liza\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-201924879-2192290182-1421096681-1001UA.job => C:\Users\Liza\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cceb78bbbe067a.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cceb78bf10241d.job => C:\Program Files\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) =============

    2014-08-13 12:05 - 2014-08-13 12:05 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
    2014-08-13 12:05 - 2014-08-13 12:05 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\accessl.ui
    2014-03-26 14:24 - 2011-11-14 19:17 - 00132176 _____ () C:\Program Files\Bitdefender\Bitdefender\bdfwcore.dll
    2014-08-13 12:05 - 2014-08-13 12:05 - 00004608 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\IMSecurityAL.ui
    2014-07-24 11:46 - 2014-07-24 11:46 - 00676568 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00040_005\ashttpbr.mdl
    2014-07-24 11:46 - 2014-07-24 11:46 - 00490144 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00040_005\ashttpdsp.mdl
    2014-07-24 11:46 - 2014-07-24 11:46 - 02138096 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00040_005\ashttpph.mdl
    2014-07-24 11:46 - 2014-07-24 11:46 - 01128744 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00040_005\ashttprbl.mdl
    2011-01-27 14:13 - 2011-01-27 14:13 - 00226624 _____ () C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
    2008-08-01 13:55 - 2008-07-15 18:04 - 00010752 _____ () C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll
    2008-08-01 13:55 - 2008-07-15 18:04 - 00009728 _____ () C:\Program Files\Sony\VAIO Event Service\VESMgrSubPS.dll
    2014-03-26 14:24 - 2013-03-25 15:16 - 00919136 _____ () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll
    2011-01-27 14:13 - 2011-01-27 14:13 - 00673088 _____ () C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
    2014-03-26 14:23 - 2014-08-13 12:05 - 00095088 _____ () C:\Program Files\Bitdefender\Bitdefender\bdmetrics.dll
    2008-08-21 00:17 - 2008-06-02 12:37 - 00028672 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\CCP.exe
    2008-08-21 00:17 - 2008-06-02 12:37 - 00118784 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\SonyCommonLib.dll
    2008-08-21 00:17 - 2008-06-02 12:37 - 00020480 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\DebugMsg.dll
    2008-08-21 00:17 - 2008-04-17 00:59 - 00020480 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\Resources.dll
    2008-08-21 00:17 - 2008-06-02 12:37 - 00028672 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\SharedInterfaces.dll
    2008-08-21 00:17 - 2008-04-17 00:59 - 00028672 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\DictionaryLookup.dll
    2008-08-21 00:17 - 2008-04-17 00:59 - 00024576 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\MessageXML.dll
    2008-08-21 00:17 - 2008-06-23 12:22 - 00040960 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\PowerManager.exe
    2008-08-21 00:17 - 2008-06-02 12:37 - 00016384 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Power.dll
    2008-08-21 00:17 - 2008-06-23 12:22 - 00036864 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Generic.dll
    2008-08-21 00:17 - 2008-06-23 12:22 - 00040960 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.BtPower.dll
    2008-08-21 00:17 - 2008-06-23 12:22 - 00016384 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.Generic.dll
    2008-08-21 00:17 - 2008-06-23 12:22 - 00024576 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.NativeWifiThirdPartyApp.dll
    2008-08-21 00:17 - 2008-06-23 12:22 - 00024576 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.TosBtThirdPartyApp.dll
    2008-08-21 00:17 - 2008-06-23 12:22 - 00020480 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.WlanPower.dll
    2008-08-21 00:17 - 2008-06-23 12:22 - 00016384 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.ThirdPartyApp.dll
    2008-08-21 00:17 - 2008-06-23 12:22 - 00028672 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\ThirdPartyAppMgr.exe
    2008-08-21 00:17 - 2008-04-17 01:00 - 00016384 _____ () C:\Program Files\Sony Corporation\SmartWi Connection Utility\SWGadgetInterface.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    AlternateDataStreams: C:\Windows\system32\FlashPlayerInstaller.exe:BDU
    AlternateDataStreams: C:\ProgramData\Temp:373E1720
    AlternateDataStreams: C:\Users\CARL\Desktop\ComboFix.exe:BDU
    AlternateDataStreams: C:\Users\CARL\Desktop\FRST.exe:BDU
    AlternateDataStreams: C:\Users\CARL\Desktop\LSPFix.exe:BDU
    AlternateDataStreams: C:\Users\CARL\Desktop\rkill.exe:BDU
    AlternateDataStreams: C:\Users\CARL\Downloads\Firefox Setup Stub 32.0.3.exe:BDU
    AlternateDataStreams: C:\Users\CARL\Downloads\install_flashplayer14x32axau_mssa_aaa_aih.exe:BDU
    AlternateDataStreams: C:\Users\CARL\Downloads\JavaSetup7u67.com:BDU
    AlternateDataStreams: C:\Users\CARL\Downloads\JRT.exe:BDU
    AlternateDataStreams: C:\Users\Liza\Desktop\Minecraft (2).exe:BDU
    AlternateDataStreams: C:\Users\Liza\Downloads\adventurequesttoolbar.exe:BDU
    AlternateDataStreams: C:\Users\Liza\Downloads\chromeinstall-7u7 (1).exe:BDU
    AlternateDataStreams: C:\Users\Liza\Downloads\chromeinstall-7u7.exe:BDU
    AlternateDataStreams: C:\Users\Liza\Downloads\Firefox Setup 13.0.1 (1).exe:BDU
    AlternateDataStreams: C:\Users\Liza\Downloads\Firefox Setup 13.0.1.exe:BDU
    AlternateDataStreams: C:\Users\Liza\Downloads\GarminExpress.exe:BDU
    AlternateDataStreams: C:\Users\Liza\Downloads\install_flashplayer11x32_mssa_aih.exe:BDU
    AlternateDataStreams: C:\Users\Liza\Downloads\install_flashplayer14x32ax_chra_dy_awa_aih (1).exe:BDU
    AlternateDataStreams: C:\Users\Liza\Downloads\Minecraft (1).exe:BDU
    AlternateDataStreams: C:\Users\Liza\Downloads\setup-lightshot-2.5.0.0 (1).exe:BDU
    AlternateDataStreams: C:\Users\Liza\Downloads\setup-lightshot-2.5.0.0.exe:BDU
    AlternateDataStreams: C:\Users\Liza\Downloads\TechnicLauncher.exe:BDU

    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)

    ========================= Accounts: ==========================

    Administrator (S-1-5-21-201924879-2192290182-1421096681-500 - Administrator - Disabled)
    CARL (S-1-5-21-201924879-2192290182-1421096681-1000 - Administrator - Enabled) => C:\Users\CARL
    Guest (S-1-5-21-201924879-2192290182-1421096681-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-201924879-2192290182-1421096681-1003 - Limited - Enabled)
    Liza (S-1-5-21-201924879-2192290182-1421096681-1001 - Administrator - Enabled) => C:\Users\Liza

    ==================== Faulty Device Manager Devices =============

    Name: ttnfd
    Description: ttnfd
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: ttnfd
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.

    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (10/01/2014 02:30:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (10/01/2014 02:30:20 PM) (Source: VzCdbSvc) (EventID: 7) (User: )
    Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

    Error: (10/01/2014 01:52:43 PM) (Source: VzCdbSvc) (EventID: 7) (User: )
    Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

    Error: (10/01/2014 01:52:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (10/01/2014 08:20:22 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
    Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

    Error: (10/01/2014 08:20:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (10/01/2014 02:46:20 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
    Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (10/01/2014 02:46:19 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
    Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (10/01/2014 02:46:19 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
    Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (10/01/2014 02:46:19 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
    Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    System errors:
    =============
    Error: (10/01/2014 02:32:59 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
    Description: 0x800700b7

    Error: (10/01/2014 02:32:59 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
    Description: 00x800700b7http://+:10243/WMPNSSv4/2143740059/

    Error: (10/01/2014 02:32:59 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
    Description: 0x800700b7

    Error: (10/01/2014 02:32:59 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
    Description: 00x800700b7http://+:10243/WMPNSSv4/2143740059/

    Error: (10/01/2014 02:30:17 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    ttnfd

    Error: (10/01/2014 02:30:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Server service terminated with the following error:
    %%14

    Error: (10/01/2014 01:54:26 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
    Description: 0x800700b7

    Error: (10/01/2014 01:54:26 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
    Description: 00x800700b7http://+:10243/WMPNSSv4/2143740059/

    Error: (10/01/2014 01:54:26 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
    Description: 0x800700b7

    Error: (10/01/2014 01:54:26 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
    Description: 00x800700b7http://+:10243/WMPNSSv4/2143740059/

    Microsoft Office Sessions:
    =========================

    CodeIntegrity Errors:
    ===================================
      Date: 2013-06-17 18:37:39.794
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00194_053\avcuf32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-06-14 15:47:58.270
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00194_053\avcuf32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-06-14 08:36:27.036
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00194_053\avcuf32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-06-14 07:59:37.901
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00194_053\avcuf32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-06-12 11:36:45.492
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00194_053\avcuf32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-06-12 11:11:13.133
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00194_053\avcuf32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-06-12 10:58:44.950
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00194_053\avcuf32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-06-11 17:43:24.032
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00194_053\avcuf32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-06-11 17:29:43.887
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00194_053\avcuf32.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-06-11 17:16:29.403
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2012\Active Virus Control\Avc3_00194_053\avcuf32.dll because the set of per-page image hashes could not be found on the system.

    ==================== Memory info ===========================

    Processor: Intel® Pentium® Dual CPU T3200 @ 2.00GHz
    Percentage of memory in use: 56%
    Total physical RAM: 2939.04 MB
    Available physical RAM: 1270.87 MB
    Total Pagefile: 5876.36 MB
    Available Pagefile: 3618.73 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1904.23 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:223.99 GB) (Free:128.59 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: B48D4FA6)
    Partition 1: (Not Active) - (Size=8.9 GB) - (Type=27)
    Partition 2: (Active) - (Size=224 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================



    #74 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 02 October 2014 - 04:40 AM

    Open notepad and then copy and paste the bolded lines below into Notepad. 
    Go to File > save as and name the file fixes.bat. 
    Change the Save as type to all files and save it to your desktop.
     
     
    @echo off
    sc stop pcwatch
    sc delete pcwatch
    if exist c:\windows\system32\drivers\pcwatch.sys attrib -s -h -r c:\windows\system32\drivers\pcwatch.sys
    if exist c:\windows\system32\drivers\pcwatch.sys del /f /q :\windows\system32\drivers\pcwatch.sys
    exit
     
     
    Double-click on fixes.bat file to execute it.
     
     
    Then run a new scan with FRST, don't need additions this time


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #75 cstruck

    cstruck

      Authentic Member

    • Authentic Member
    • PipPip
    • 80 posts

    Posted 02 October 2014 - 01:00 PM

    I didn't save as File "all type" but it seemed to work.  here is the scan.

     

    Ran by CARL (administrator) on CARL-PC on 02-10-2014 13:53:51
    Running from C:\Users\CARL\Desktop
    Loaded Profiles: CARL & Liza (Available profiles: CARL & Liza)
    Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
    (Realtek Semiconductor) C:\Windows\RTKAUDIOSERVICE.EXE
    (Sony Electronics, Inc.) C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe
    (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
    () C:\Program Files\Sony Corporation\SmartWi Connection Utility\CCP.exe
    (Sony Corporation) C:\Program Files\Sony\ISB Utility\ISBMgr.exe
    (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    () C:\Program Files\Sony Corporation\SmartWi Connection Utility\PowerManager.exe
    () C:\Program Files\Sony Corporation\SmartWi Connection Utility\ThirdPartyAppMgr.exe
    (Sony Electronics, Inc.) C:\Program Files\Sony Corporation\SmartWi Connection Utility\UIManager.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
    (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe
    (InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
    () C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
    () C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
    (Intuit) C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
    (Microsoft Corporation) C:\Windows\System32\schtasks.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
    (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    (Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
    (Sony Electronics, Inc.) C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe
    (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Sony Corporation) C:\Program Files\Sony\ISB Utility\ISBMgr.exe
    (CANON INC.) C:\Program Files\Canon\SolutionMenu\CNSLMAIN.EXE
    (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
    (Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
    (OLYMPUS IMAGING CORP.) C:\Program Files\Olympus\ib\olycamdetect.exe
    () C:\Program Files\Sony Corporation\SmartWi Connection Utility\CCP.exe
    () C:\Program Files\Sony Corporation\SmartWi Connection Utility\SmartWi.exe
    (Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    (Sony Corporation) C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
    (Microsoft Corporation) C:\Windows\System32\prevhost.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
    (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
    (Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
    (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [VWLASU] => C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe [24576 2008-05-20] (Sony Electronics, Inc.)
    HKLM\...\Run: [VAIOSurvey] => C:\Program Files\Sony\VAIO Survey\VAIO Sat Survey.exe [385024 2008-07-25] ()
    HKLM\...\Run: [VAIOMyMemCenter] => C:\Program Files\Sony\VAIO My Memory Center\VAIO MyMemCenter.exe [679936 2008-02-29] ()
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [835584 2007-03-09] (Synaptics, Inc.)
    HKLM\...\Run: [SmartWiHelper] => C:\Program Files\Sony Corporation\SmartWi Connection Utility\SmartWiHelper.exe [77824 2008-06-27] (Sony Electronics Corporation)
    HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2008-07-02] (Realtek Semiconductor Corp.)
    HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6295552 2008-07-02] (Realtek Semiconductor)
    HKLM\...\Run: [MDS_Menu] => C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
    HKLM\...\Run: [ISBMgr.exe] => C:\Program Files\Sony\ISB Utility\ISBMgr.exe [317280 2008-04-03] (Sony Corporation)
    HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-10] (CANON INC.)
    HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1848648 2008-03-03] (CANON INC.)
    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
    HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1837336 2014-08-13] (Bitdefender)
    Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll (Sony Corporation)
    HKU\S-1-5-21-201924879-2192290182-1421096681-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [65024 2009-07-13] (Microsoft Corporation)
    HKU\S-1-5-21-201924879-2192290182-1421096681-1000\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-21-201924879-2192290182-1421096681-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [482392 2014-08-13] (Bitdefender)
    HKU\S-1-5-21-201924879-2192290182-1421096681-1000\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [901608 2014-08-13] (Bitdefender)
    HKU\S-1-5-21-201924879-2192290182-1421096681-1000\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe [615256 2014-08-13] (Bitdefender)
    HKU\S-1-5-21-201924879-2192290182-1421096681-1001\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation)
    HKU\S-1-5-21-201924879-2192290182-1421096681-1001\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
    HKU\S-1-5-21-201924879-2192290182-1421096681-1001\...\Run: [Olympus ib] => C:\Program Files\Olympus\ib\olycamdetect.exe [93376 2010-02-04] (OLYMPUS IMAGING CORP.)
    HKU\S-1-5-21-201924879-2192290182-1421096681-1001\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-03-14] (Google Inc.)
    HKU\S-1-5-21-201924879-2192290182-1421096681-1001\...\Run: [Facebook Update] => C:\Users\Liza\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-11] (Facebook Inc.)
    HKU\S-1-5-21-201924879-2192290182-1421096681-1001\...\Run: [LightShot] => C:\Users\Liza\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue
    HKU\S-1-5-21-201924879-2192290182-1421096681-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [688984 2014-07-23] (Garmin Ltd or its subsidiaries)
    HKU\S-1-5-21-201924879-2192290182-1421096681-1001\...\MountPoints2: {bea6ae22-ab85-11e1-aa0f-001dba8b0701} - H:\setup.exe -a
    HKU\S-1-5-18\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [482392 2014-08-13] (Bitdefender)
    HKU\S-1-5-18\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [901608 2014-08-13] (Bitdefender)
    HKU\S-1-5-18\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe [615256 2014-08-13] (Bitdefender)
    HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [688984 2014-07-23] (Garmin Ltd or its subsidiaries)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
    ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
    Startup: C:\Users\Liza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
    ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
    ShellIconOverlayIdentifiers: AOLOverlayIcon -> {AB0C8BE3-041C-47d6-8195-E089D32B38DD} => C:\DDI\overicon.dll (TODO: <Company name>)
    ShellIconOverlayIdentifiers: __SafeBox1 -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
    ShellIconOverlayIdentifiers: __SafeBox2 -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
    ShellIconOverlayIdentifiers: __SafeBox3 -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
    ShellIconOverlayIdentifiers: __SafeBox4 -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x16A6F450C046CB01
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    BHO: PE_IE_Helper Class -> {0941C58F-E461-4E03-BD7D-44C27392ADE1} -> C:\Program Files\IBM\Lotus Forms\Viewer\3.5\PEhelper.dll (IBM Corporation)
    BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
    BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
    BHO: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
    Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
    Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    DPF: {74F4F118-91E6-4AFC-B8D2-04066781F239} https://www.member-d...dc/EZTwainX.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
    Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
    Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
    Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Winsock: Catalog9 01 C:\Windows\system32\MyOSProtect.dll [304776] (MyOSCompany)
    Winsock: Catalog9 02 C:\Windows\system32\MyOSProtect.dll [304776] (MyOSCompany)
    Winsock: Catalog9 03 C:\Windows\system32\MyOSProtect.dll [304776] (MyOSCompany)
    Winsock: Catalog9 04 C:\Windows\system32\MyOSProtect.dll [304776] (MyOSCompany)
    Winsock: Catalog9 15 C:\Windows\system32\MyOSProtect.dll [304776] (MyOSCompany)
    Tcpip\Parameters: [DhcpNameServer] 216.177.160.61 216.177.160.60

    FireFox:
    ========
    FF ProfilePath: C:\Users\CARL\AppData\Roaming\Mozilla\Firefox\Profiles\f8su429z.default
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
    FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\10\NP_wtapp.dll ()
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: @movenetworks.com/Quantum Media Player -> C:\Users\CARL\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-24]
    FF HKLM\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\ffpwdman
    FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\ffpwdman [2014-03-26]
    FF HKLM\...\Firefox\Extensions: [termtutor@termtutor.com] - C:\Program Files\Mozilla Firefox\extensions\termtutor@termtutor.com
    FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
    FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-03-26]
    FF HKCU\...\Firefox\Extensions: [moveplayer@movenetworks.com] - C:\Users\CARL\AppData\Roaming\Move Networks
    FF Extension: Move Media Player - C:\Users\CARL\AppData\Roaming\Move Networks [2009-05-07]

    Chrome:
    =======
    CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\37.0.2062.124\pdf.dll ()
    CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\37.0.2062.124\gcswf32.dll No File
    CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
    CHR Plugin: (Skype Toolbars) - C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7280_0\npSkypeChromePlugin.dll No File
    CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
    CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
    CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    CHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll No File
    CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (Move Streaming Media Player) - C:\Users\CARL\AppData\Roaming\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
    CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
    CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    CHR Plugin: (Default Plug-in) - default_plugin No File
    CHR CustomProfile: C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Entanglement Web App) - C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2011-05-17]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-24]
    CHR Extension: (Bitdefender Wallet) - C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-03-26]
    CHR Extension: (Skype Click to Call) - C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2011-05-04]
    CHR Extension: (Poppit!) - C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2011-05-17]
    CHR Extension: (Google Wallet) - C:\Users\CARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
    CHR HKLM\...\Chrome\Extension: [aaaajhhckaajldjhmbpgleomemmpopjp] - C:\Windows\system32\config\systemprofile\AppData\Local\bandoomusictoolbar\GC\toolbar.crx [2013-06-07]
    CHR HKLM\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\pmbxcr.crx [2014-03-26]
    CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]

    ========================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [69880 2014-08-13] (Bitdefender)
    R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-07-23] (Garmin Ltd or its subsidiaries)
    R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
    R2 MotoHelper; C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe [226624 2011-01-27] ()
    S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [53248 2008-05-20] (Sony Corporation) [File not signed]
    S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
    S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [53248 2008-05-20] (Sony Corporation) [File not signed]
    S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
    R2 QBCFMonitorService; C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [20480 2007-11-12] (Intuit) [File not signed]
    S3 QBFCService; C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2007-05-24] (Intuit Inc.) [File not signed]
    R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [81704 2013-07-08] (Bitdefender)
    S3 scan; C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll [480368 2014-09-17] (Bitdefender)
    S3 SOHCImp; C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe [103712 2008-05-20] (Sony Corporation)
    S3 SOHDms; C:\Program Files\Sony\VAIO Media plus\SOHDms.exe [353568 2008-05-20] (Sony Corporation)
    S3 SOHDs; C:\Program Files\Sony\VAIO Media plus\SOHDs.exe [62752 2008-05-20] (Sony Corporation)
    S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [77824 2008-05-20] (Sony Corporation) [File not signed]
    R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [54424 2014-08-13] (Bitdefender)
    S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2008-05-22] (Sony Corporation) [File not signed]
    R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [182112 2008-07-15] (Sony Corporation)
    R2 VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [411488 2008-06-19] (Sony Corporation)
    R2 VCFw; C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [415744 2008-06-20] (Sony Corporation) [File not signed]
    S3 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [337184 2008-06-11] (Sony Corporation)
    R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [279848 2008-06-19] (Sony Corporation)
    R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1251808 2014-08-13] (Bitdefender)
    R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2008-05-22] (Sony Corporation) [File not signed]
    S3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1060312 2014-08-13] (BitDefender)
    R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [242504 2012-11-02] (BitDefender)
    R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [528248 2014-08-13] (BitDefender)
    R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [77632 2014-05-26] (BitDefender LLC)
    R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [90704 2011-11-14] (BitDefender LLC)
    S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [108008 2013-07-02] (Bitdefender SRL)
    S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [66832 2013-11-04] (BitDefender SRL)
    R1 bdselfpr; C:\Program Files\Bitdefender\Bitdefender\bdselfpr.sys [135600 2013-07-26] (BitDefender LLC)
    R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [72704 2012-04-17] (BitDefender)
    S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
    R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [165744 2013-08-23] (BitDefender LLC)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
    U4 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-10-02] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
    S3 OlyCamComm; C:\Windows\System32\DRIVERS\OlyCamComm.sys [21648 2009-09-10] (OLYMPUS IMAGING CORP.)
    R1 pcwatch; C:\Windows\system32\Drivers\pcwatch.sys [20480 2014-09-01] () [File not signed] <==== ATTENTION
    R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [385096 2014-08-13] (BitDefender S.R.L.)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
    S3 catchme; \??\C:\Users\CARL\AppData\Local\Temp\catchme.sys [X]
    S1 ttnfd; system32\drivers\ttnfd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-10-02 13:50 - 2014-10-02 13:50 - 00000266 _____ () C:\Users\CARL\Desktop\fixes.bat
    2014-10-01 19:18 - 2014-10-02 07:20 - 00000000 ____D () C:\Users\Liza\AppData\Local\{37C9B37E-8D21-4944-8858-B247C201E940}
    2014-10-01 12:28 - 2014-10-01 12:34 - 00003088 _____ () C:\Users\CARL\Desktop\Rkill.txt
    2014-10-01 12:27 - 2014-10-01 12:27 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\CARL\Desktop\rkill.exe
    2014-10-01 08:17 - 2014-10-01 08:17 - 00146960 _____ () C:\Windows\Minidump\100114-22120-01.dmp
    2014-10-01 08:12 - 2014-10-01 08:16 - 00000000 ___SD () C:\ComboFix
    2014-10-01 06:54 - 2014-10-01 14:38 - 00051250 _____ () C:\Users\CARL\Desktop\Addition.txt
    2014-10-01 06:52 - 2014-10-02 13:53 - 00027739 _____ () C:\Users\CARL\Desktop\FRST.txt
    2014-09-30 23:26 - 2014-09-30 23:26 - 00000000 ____D () C:\Users\Liza\AppData\Local\{709843D9-5A76-4B14-BE48-BD68AC33B06D}
    2014-09-30 22:21 - 2014-09-30 22:21 - 00186880 _____ (CEXX.ORG) C:\Users\CARL\Desktop\LSPFix.exe
    2014-09-30 13:33 - 2014-09-24 18:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
    2014-09-29 19:09 - 2014-10-02 13:45 - 00000000 ____D () C:\Users\CARL\Documents\Katie
    2014-09-28 19:47 - 2014-09-28 19:48 - 00146952 _____ () C:\Windows\Minidump\092814-23743-01.dmp
    2014-09-28 14:10 - 2014-09-28 14:10 - 00146960 _____ () C:\Windows\Minidump\092814-23556-01.dmp
    2014-09-28 14:00 - 2014-10-01 08:14 - 00000000 ____D () C:\Qoobox
    2014-09-28 14:00 - 2014-09-30 22:51 - 00000000 ____D () C:\Windows\erdnt
    2014-09-28 14:00 - 2011-06-25 23:45 - 00256000 _____ () C:\Windows\PEV.exe
    2014-09-28 14:00 - 2010-11-07 10:20 - 00208896 _____ () C:\Windows\MBR.exe
    2014-09-28 14:00 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
    2014-09-28 14:00 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
    2014-09-28 14:00 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
    2014-09-28 14:00 - 2000-08-30 17:00 - 00098816 _____ () C:\Windows\sed.exe
    2014-09-28 14:00 - 2000-08-30 17:00 - 00080412 _____ () C:\Windows\grep.exe
    2014-09-28 14:00 - 2000-08-30 17:00 - 00068096 _____ () C:\Windows\zip.exe
    2014-09-28 13:52 - 2014-09-28 13:52 - 05582345 ____R (Swearware) C:\Users\CARL\Desktop\ComboFix.exe
    2014-09-27 17:14 - 2014-10-01 13:45 - 00000000 ____D () C:\Users\CARL\Malware fixes
    2014-09-27 13:38 - 2014-09-27 13:38 - 00000000 ____D () C:\Users\Liza\AppData\Local\{BC296350-9826-4461-89ED-ACC5B53B0351}
    2014-09-27 10:20 - 2014-09-27 10:20 - 01100288 _____ (Farbar) C:\Users\CARL\Desktop\FRST.exe
    2014-09-27 06:40 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
    2014-09-27 06:04 - 2014-09-27 06:20 - 00000530 _____ () C:\Users\CARL\Downloads\Result.txt
    2014-09-27 05:26 - 2014-10-02 11:30 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-09-27 05:25 - 2014-09-27 05:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-09-27 05:25 - 2014-09-27 05:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-09-27 05:25 - 2014-09-27 05:25 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
    2014-09-27 05:25 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-09-27 05:25 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-09-27 05:25 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-09-27 05:00 - 2014-09-27 05:00 - 00000000 ____D () C:\Windows\ERUNT
    2014-09-27 04:53 - 2014-09-27 04:53 - 01699276 _____ (Thisisu) C:\Users\CARL\Downloads\JRT.exe
    2014-09-26 21:21 - 2014-09-26 21:21 - 00000000 ____D () C:\Users\CARL\AppData\Local\Macromedia
    2014-09-26 21:20 - 2014-09-26 21:20 - 00001105 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2014-09-26 21:20 - 2014-09-26 21:20 - 00000000 ____D () C:\Users\CARL\AppData\Roaming\Mozilla
    2014-09-26 21:20 - 2014-09-26 21:20 - 00000000 ____D () C:\Users\CARL\AppData\Local\Mozilla
    2014-09-26 21:19 - 2014-09-26 21:19 - 00244136 _____ () C:\Users\CARL\Downloads\Firefox Setup Stub 32.0.3.exe
    2014-09-26 20:33 - 2014-10-02 13:53 - 00000000 ____D () C:\FRST
    2014-09-26 17:31 - 2014-09-26 17:31 - 00000000 ____D () C:\Users\Liza\AppData\Local\{D1075A40-3AD6-48F8-8D80-DB28A94191A8}
    2014-09-25 13:02 - 2014-09-25 13:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
    2014-09-24 21:53 - 2014-09-26 07:50 - 00000065 _____ () C:\Users\CARL\AppData\Roaming\WB.CFG
    2014-09-24 20:53 - 2014-09-24 20:53 - 00000000 ____D () C:\Users\CARL\AppData\Local\IsolatedStorage
    2014-09-24 20:11 - 2014-09-24 20:11 - 00000000 ____D () C:\Users\Liza\AppData\Local\{E1B82B34-94F7-4795-A227-A07AC026C3C1}
    2014-09-24 15:21 - 2014-09-24 21:58 - 01454922 _____ () C:\Users\CARL\Documents\Kanto.pptx
    2014-09-24 14:20 - 2014-09-24 14:59 - 02382044 _____ () C:\Users\CARL\Downloads\David_Mythology (1).pptx
    2014-09-24 10:02 - 2014-09-24 10:02 - 03675824 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
    2014-09-23 19:26 - 2014-09-23 19:26 - 00147016 _____ () C:\Windows\Minidump\092314-80558-01.dmp
    2014-09-23 17:50 - 2014-09-23 17:50 - 00000000 ____D () C:\Users\Liza\AppData\Local\{E36305E3-28E3-4440-9CEA-6993EEE77436}
    2014-09-23 17:44 - 2014-09-24 15:02 - 02382035 _____ () C:\Users\CARL\Documents\David_Mythology.pptx
    2014-09-23 17:05 - 2014-09-01 11:29 - 00020480 _____ () C:\Windows\system32\Drivers\pcwatch.sys
    2014-09-23 17:03 - 2014-09-23 17:03 - 18581088 _____ () C:\Users\CARL\Downloads\YGOPro DevPro.zip.thxo3ui.partial
    2014-09-23 17:03 - 2014-09-01 11:28 - 00304776 _____ (MyOSCompany) C:\Windows\system32\MyOSProtect.dll
    2014-09-23 14:50 - 2014-09-24 15:21 - 01208942 _____ () C:\Users\CARL\Downloads\New_Microsoft_PowerPoint_Presentation.pptx
    2014-09-23 13:51 - 2014-09-23 14:37 - 02486374 _____ () C:\Users\CARL\Downloads\David_Mythology.pptx
    2014-09-23 12:39 - 2014-09-09 14:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2014-09-22 16:10 - 2014-09-22 16:10 - 00918440 _____ (Oracle Corporation) C:\Users\CARL\Downloads\JavaSetup7u67.com
    2014-09-22 16:02 - 2014-09-22 16:02 - 00000000 ____D () C:\ProgramData\Oracle
    2014-09-19 06:27 - 2014-09-19 06:27 - 00000000 ____D () C:\Users\Liza\AppData\Local\{20373E10-274A-4A68-A976-51CB8838D089}
    2014-09-18 15:01 - 2014-08-19 10:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-09-18 15:01 - 2014-08-18 14:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-09-18 15:01 - 2014-08-18 14:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-09-18 15:01 - 2014-08-18 14:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-09-18 15:01 - 2014-08-18 14:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-09-18 15:01 - 2014-08-18 14:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-09-18 15:01 - 2014-08-18 14:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-09-18 15:01 - 2014-08-18 14:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-09-18 15:01 - 2014-08-18 14:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-09-18 15:01 - 2014-08-18 14:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-09-18 15:01 - 2014-08-18 14:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-09-18 15:01 - 2014-08-18 14:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-09-18 15:01 - 2014-08-18 14:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-09-18 15:01 - 2014-08-18 14:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-09-18 15:01 - 2014-08-18 14:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-09-18 15:01 - 2014-08-18 14:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-09-18 15:01 - 2014-08-18 14:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-09-18 15:01 - 2014-08-18 14:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-09-18 15:01 - 2014-08-18 14:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-09-18 15:01 - 2014-08-18 14:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-09-18 15:01 - 2014-08-18 14:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-09-18 15:01 - 2014-08-18 14:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-09-18 15:01 - 2014-08-18 14:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-09-18 15:01 - 2014-08-18 13:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-09-18 15:00 - 2014-08-18 15:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-09-18 15:00 - 2014-08-18 15:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-09-18 15:00 - 2014-08-18 14:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-09-18 15:00 - 2014-08-18 14:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-09-18 15:00 - 2014-08-18 13:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-09-18 15:00 - 2014-08-18 13:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-09-18 15:00 - 2014-06-26 18:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2014-09-17 08:56 - 2014-07-06 18:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2014-09-17 08:56 - 2014-07-06 18:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-09-17 08:55 - 2014-09-04 18:52 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-09-17 08:55 - 2014-09-04 18:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-09-17 08:55 - 2014-08-01 04:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
    2014-09-17 08:55 - 2014-06-23 19:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2014-09-16 22:47 - 2014-09-18 14:27 - 00000000 ____D () C:\Users\Liza\AppData\Local\{5EB1F283-A6CA-4AF7-9D54-CA3B9F6782B4}
    2014-09-16 19:49 - 2014-09-16 19:49 - 00000000 ____D () C:\found.000
    2014-09-13 01:51 - 2014-09-13 01:51 - 00000000 ____D () C:\Users\Liza\AppData\Local\{F5899911-E6E6-4F67-82C6-BD68481CA883}
    2014-09-12 21:19 - 2014-09-12 21:19 - 00000000 ____D () C:\Users\Liza\AppData\Local\{3A5CF58D-05AD-4421-8942-EA191F6D89C7}
    2014-09-12 21:15 - 2014-09-12 21:15 - 01510144 _____ () C:\Windows\Minidump\091214-45583-01.dmp
    2014-09-06 03:51 - 2014-09-06 03:51 - 00000000 ____D () C:\Users\Liza\AppData\Local\{7825CC49-70F8-493E-88C9-B07B93EB1007}
    2014-09-05 10:15 - 2014-09-05 10:15 - 00000000 ____D () C:\Users\Liza\AppData\Local\{7771BBE8-4AA6-4FE3-9C86-A5E64EC94CA1}
    2014-09-04 05:01 - 2014-09-04 22:14 - 00000000 ____D () C:\Users\Liza\AppData\Local\{EAF1BEA1-C915-4AB8-9435-5AC345EB9F88}
    2014-09-04 03:58 - 2014-08-22 18:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-09-04 03:58 - 2014-08-22 17:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-09-04 03:51 - 2014-05-14 09:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2014-09-04 03:51 - 2014-05-14 09:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2014-09-04 03:51 - 2014-05-14 09:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2014-09-04 03:51 - 2014-05-14 09:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2014-09-04 03:50 - 2014-05-14 09:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2014-09-04 03:50 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2014-09-04 03:50 - 2014-05-14 09:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2014-09-04 03:50 - 2014-05-14 09:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2014-09-04 03:50 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2014-09-02 12:55 - 2014-09-02 12:55 - 00034244 _____ () C:\monitorsvc.exe

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-10-02 13:19 - 2012-02-14 17:28 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cceb78bf10241d.job
    2014-10-02 13:07 - 2010-03-14 13:07 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-10-02 13:02 - 2012-08-31 15:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-10-02 11:45 - 2011-12-01 19:51 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-201924879-2192290182-1421096681-1001UA.job
    2014-10-02 10:19 - 2012-02-14 17:28 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cceb78bbbe067a.job
    2014-10-01 22:17 - 2011-05-04 15:42 - 01610858 _____ () C:\Windows\WindowsUpdate.log
    2014-10-01 19:18 - 2010-09-11 07:57 - 00000000 ____D () C:\Users\Liza\Tracing
    2014-10-01 19:18 - 2010-03-14 13:07 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-10-01 17:45 - 2011-12-01 19:51 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-201924879-2192290182-1421096681-1001Core.job
    2014-10-01 15:56 - 2011-05-04 15:49 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-10-01 15:52 - 2009-07-13 21:39 - 01512687 _____ () C:\Windows\setupact.log
    2014-10-01 15:26 - 2011-05-04 15:05 - 00018544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-10-01 15:26 - 2011-05-04 15:05 - 00018544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-10-01 15:18 - 2009-07-13 21:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-10-01 15:15 - 2012-02-26 09:23 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
    2014-10-01 15:15 - 2011-04-11 21:39 - 00000000 ____D () C:\Program Files\Common Files\Adobe
    2014-10-01 14:28 - 2011-05-04 15:28 - 00286214 _____ () C:\Windows\PFRO.log
    2014-10-01 08:17 - 2011-07-30 11:43 - 384205671 _____ () C:\Windows\MEMORY.DMP
    2014-10-01 08:17 - 2011-07-30 11:43 - 00000000 ____D () C:\Windows\Minidump
    2014-09-30 23:03 - 2009-07-13 19:37 - 00000000 ___RD () C:\Users\Public
    2014-09-30 22:56 - 2009-07-13 19:04 - 00000215 _____ () C:\Windows\system.ini
    2014-09-30 22:52 - 2009-07-13 19:03 - 64487424 _____ () C:\Windows\system32\config\SOFTWARE.bak
    2014-09-30 22:52 - 2009-07-13 19:03 - 19660800 _____ () C:\Windows\system32\config\SYSTEM.bak
    2014-09-30 22:52 - 2009-07-13 19:03 - 01048576 _____ () C:\Windows\system32\config\DEFAULT.bak
    2014-09-30 22:52 - 2009-07-13 19:03 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
    2014-09-30 22:52 - 2009-07-13 19:03 - 00090112 _____ () C:\Windows\system32\config\SAM.bak
    2014-09-27 18:04 - 2011-05-04 15:06 - 00000000 ____D () C:\Users\CARL
    2014-09-27 11:16 - 2011-04-11 21:52 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-09-27 09:54 - 2013-09-30 20:45 - 00000000 ____D () C:\Program Files\Mozilla Firefox
    2014-09-27 06:47 - 2009-01-09 22:21 - 00000000 ____D () C:\TEMP
    2014-09-27 06:44 - 2012-06-27 12:00 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
    2014-09-27 05:39 - 2011-02-02 01:33 - 00000000 ____D () C:\ProgramData\Temp
    2014-09-26 21:20 - 2012-06-27 12:00 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2014-09-25 19:50 - 2010-09-10 16:01 - 00000000 ____D () C:\Users\Liza\Documents\Katie
    2014-09-24 20:56 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\Microsoft.NET
    2014-09-24 20:53 - 2009-06-06 06:26 - 00000907 _____ () C:\Users\CARL\Desktop\Launch Internet Explorer Browser.lnk
    2014-09-24 13:07 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\NDF
    2014-09-24 12:29 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\rescache
    2014-09-24 10:02 - 2012-03-30 16:23 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2014-09-24 10:02 - 2011-05-19 14:16 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
    2014-09-19 06:47 - 2014-07-31 11:57 - 00203574 _____ () C:\Users\CARL\Desktop\1checking.xlsx
    2014-09-18 15:03 - 2008-08-21 00:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-09-18 15:00 - 2013-08-15 11:44 - 00000000 ____D () C:\Windows\system32\MRT
    2014-09-18 14:37 - 2014-05-07 06:27 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-09-18 14:37 - 2011-05-17 10:41 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-09-17 14:36 - 2014-02-04 01:45 - 00000000 ____D () C:\Users\Liza\Documents\Retirement
    2014-09-06 03:49 - 2009-07-13 21:33 - 00371536 _____ () C:\Windows\system32\FNTCACHE.DAT

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2014-09-27 17:54

    ==================== End Of Log ============================


    Related Topics



    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users