aswMBR version 1.0.1.2201 Copyright© 2014 AVAST Software
Run date: 2014-11-13 09:15:00
-----------------------------
09:15:00.672 OS Version: Windows x64 6.0.6002 Service Pack 2
09:15:00.672 Number of processors: 4 586 0x203
09:15:00.673 ComputerName: CARL-PC UserName: Carl
09:15:02.937 Initialize success
09:15:03.118 VM: initialized successfully
09:15:03.119 VM: Amd CPU supported
09:16:42.917 AVAST engine defs: 14111300
09:16:54.927 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
09:16:54.929 Disk 0 Vendor: WDC_WD6400AAKS-22A7B2 01.03B01 Size: 610480MB BusType: 3
09:16:55.202 Disk 0 MBR read successfully
09:16:55.205 Disk 0 MBR scan
09:16:55.212 Disk 0 unknown MBR code
09:16:55.216 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 10001 MB offset 63
09:16:55.250 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 600477 MB offset 20484096
09:16:55.283 Disk 0 scanning C:\Windows\system32\drivers
09:17:09.347 Service scanning
09:17:15.139 Service BdfNdisf c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys **LOCKED** 5
09:17:15.185 Service bdftdif C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys **LOCKED** 5
09:17:33.818 Modules scanning
09:17:33.828 Disk 0 trace - called modules:
09:17:33.846 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
09:17:33.852 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80057b0680]
09:17:33.857 3 CLASSPNP.SYS[fffffa6000fd1c33] -> nt!IofCallDriver -> [0xfffffa800487c600]
09:17:33.863 5 acpi.sys[fffffa600081dfde] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800487d940]
09:17:35.924 AVAST engine scan C:\Windows
09:17:55.689 AVAST engine scan C:\Windows\system32
09:22:22.558 AVAST engine scan C:\Windows\system32\drivers
09:22:38.748 AVAST engine scan C:\Users\Carl
09:39:28.055 File: C:\Users\Carl\Downloads\AnySendSetup.exe **INFECTED** Win32:Dropper-gen [Drp]
09:39:32.290 File: C:\Users\Carl\Downloads\Internet_Explorer.exe **INFECTED** Win32:Malware-gen
09:41:23.939 AVAST engine scan C:\ProgramData
09:58:16.625 Disk 0 statistics 5032366/0/0 @ 1.23 MB/s
09:58:16.633 Scan finished successfully
09:58:49.567 Disk 0 MBR has been saved successfully to "C:\Users\Carl\Desktop\MBR.dat"
09:58:49.591 The log file has been saved successfully to "C:\Users\Carl\Desktop\aswMBR.txt"

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014
Ran by Carl (administrator) on CARL-PC on 13-11-2014 09:59:37
Running from C:\Users\Carl\Desktop
Loaded Profile: Carl (Available profiles: Carl & mlstruck & Julie & David & Katie)
Platform: Windows Vista Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Agere Systems) C:\Windows\System32\agr64svc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\LVPrS64H.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
() C:\Windows\mHotkey.exe
(Realtek Semiconductor) C:\Windows\RAVCpl64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Creative) C:\Windows\CNYHKey.exe
(Dropbox, Inc.) C:\Users\Carl\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corp.) C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Discordia, LTD) C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
() C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
(Chicony) C:\Windows\ModLEDKey.exe
(Chicony) C:\Windows\ChiFuncExt.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RAVCpl64.exe [6495264 2008-09-18] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1833504 2008-09-18] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1754424 2008-08-06] (Bitdefender)
HKLM-x32\...\Run: [LchDrvKey] => C:\Windows\LchDrvKey.exe [36864 2007-03-28] ()
HKLM-x32\...\Run: [LedKey] => C:\Windows\CNYHKey.exe [339968 2008-04-23] (Creative)
HKLM-x32\...\Run: [P2Go_Menu] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [80896 2007-08-22] (Hewlett-Packard)
HKLM-x32\...\Run: [MSN Toolbar] => C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe [240992 2009-12-08] (Microsoft Corp.)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [165208 2010-05-07] (Logitech Inc.)
HKLM-x32\...\Run: [DATAMNGR] => C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe [1115536 2011-03-02] (Discordia, LTD)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1646216 2013-03-31] (Ask)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2009-05-31] (Google Inc.)
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\Run: [LightShot] => C:\Users\Carl\AppData\Local\Skillbrains\lightshot\Lightshot.exe [226592 2014-03-06] ()
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-08-13] (Bitdefender)
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-08-13] (Bitdefender)
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2014-08-13] (Bitdefender)
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\Run: [WMPNSCFG] => C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\MountPoints2: {92e36653-a89d-11df-b363-00226863662d} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL http://www.garmin.com/agent
HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...409d6c4515e9\InprocServer32: [Default-shell32] C:\Users\Carl\AppData\Local\Temp\snprinv\svenosp\wow64.dll ATTENTION! ====> ZeroAccess?
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-08-13] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender Wallet] => C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-08-13] (Bitdefender)
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Application Agent] => C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2014-08-13] (Bitdefender)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
AppInit_DLLs: C:\PROGRA~2\WI9130~1\Datamngr\x64\datamngr.dll => C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\x64\datamngr.dll [1033112 2011-03-02] (Discordia, LTD)
AppInit_DLLs: C:\PROGRA~2\WI9130~1\Datamngr\x64\IEBHO.dll => C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\x64\IEBHO.dll [1058712 2011-03-02] (Discordia, LTD)
AppInit_DLLs-x32: c:\progra~2\wi9130~1\datamngr\datamngr.dll => c:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\datamngr.dll [727952 2011-03-02] (Discordia, LTD)
AppInit_DLLs-x32: c:\progra~2\wi9130~1\datamngr\iebho.dll => c:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\IEBHO.dll [722840 2011-03-02] (Discordia, LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM-x32 - (No Name) - {22e03916-85c5-44b0-8dc9-1830c11238d9} - No File
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll ()
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://www.searchqu....&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACGW
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACGW
SearchScopes: HKLM-x32 - {8A96AF9E-4074-43b7-BEA3-87217BDA74C8} URL = http://www.searchqu....&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://www.searchqu....&q={searchTerms}
SearchScopes: HKLM-x32 - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = http://search.condui...&ctid=CT2856415
SearchScopes: HKCU - DefaultScope {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://yandex.ru/yan...xt={searchTerms}
SearchScopes: HKCU - Moikrug URL = http://moikrug.ru/pe...ms}&submitted=1
SearchScopes: HKCU - Yandex URL = http://start.iplay.c...&q={searchTerms}
SearchScopes: HKCU - {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = http://yandex.ru/yan...xt={searchTerms}
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://www.searchqu....&q={searchTerms}
SearchScopes: HKCU - {B9E6FD3E-8BA1-4A89-A304-665EB168D404} URL = http://websearch.ask...25-E03A648423C2
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\pmbxie.dll (Bitdefender)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: UrlHelper Class -> {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} -> C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\x64\IEBHO.dll (Discordia, LTD)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
BHO-x32: Shop to Win -> {00B48AB6-399B-4E4E-B07E-DA47C34C453A} -> C:\Program Files (x86)\Shop to Win 17\Shop to Win 17.dll (Shop To Win, LLC)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: PE_IE_Helper Class -> {0941C58F-E461-4E03-BD7D-44C27392ADE1} -> C:\Program Files (x86)\IBM\Lotus Forms\Viewer\3.5\PEhelper.dll (IBM Corporation)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxie.dll (Bitdefender)
BHO-x32: No Name -> {22e03916-85c5-44b0-8dc9-1830c11238d9} -> No File
BHO-x32: FastestIE -> {54404F81-99CC-4FD3-9D29-92689B86C2CC} -> C:\Program Files (x86)\FastestIE\FastestIE.dll (fastestie.com)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Searchqu Toolbar -> {99079a25-328f-4bd4-be04-00955acaa0a7} -> C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
BHO-x32: UrlHelper Class -> {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} -> C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\IEBHO.dll (Discordia, LTD)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: GamesBarBHO Class -> {CB0D163C-E9F4-4236-9496-0597E24B23A5} -> C:\Program Files (x86)\GamesBar\2.0.1.82\oberontb.dll (Oberon Media Ltd.)
BHO-x32: MSN Toolbar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll ()
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ShopAtHomeIEHelper Class -> {E8DAAA30-6CAA-4b58-9603-8E54238219E2} -> C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
Toolbar: HKLM-x32 - MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - ShopAtHome Toolbar - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome)
Toolbar: HKLM-x32 - No Name - {22e03916-85c5-44b0-8dc9-1830c11238d9} - No File
Toolbar: HKLM-x32 - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
Toolbar: HKLM-x32 - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
Toolbar: HKLM-x32 - GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files (x86)\GamesBar\2.0.1.82\oberontb.dll (Oberon Media Ltd.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll ()
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-2265821247-3271303352-2493671787-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-2265821247-3271303352-2493671787-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.ma...director/sw.cab
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab
DPF: HKLM-x32 {74F4F118-91E6-4AFC-B8D2-04066781F239} https://www.member-d...dc/EZTwainX.cab
DPF: HKLM-x32 {75A6AEA3-F26E-4608-AE9B-8DA78C87576E} https://kingsisle.hs...ameLauncher.CAB
DPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab
DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnime...veX_Control.cab
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicr...osoft/wrc32.ocx
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 216.177.160.61 216.177.160.60
FireFox:
========
FF ProfilePath: C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\85w9rd3l.default
FF NewTab: yafd:tabs
FF DefaultSearchEngine: Ask.com
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Ask.com
FF Keyword.URL: hxxp://www.searchqu.com/web?src=ffb&systemid=101&q=
FF Homepage: hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP|hxxp://www.searchqu.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files\Musicnotes\npmusicn64.dll (Musicnotes, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @gamersfirst.com/LiveLauncher -> C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=4.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files (x86)\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @Sibelius.com/Scorch Plugin -> C:\Program Files (x86)\Musicnotes\npsibelius.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @unity3d.com/UnityPlayer -> C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2265821247-3271303352-2493671787-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\mfc71.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\msvcr71.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npmfv.dll (IBM Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\85w9rd3l.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\85w9rd3l.default\searchplugins\SearchResults.xml
FF SearchPlugin: C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\85w9rd3l.default\searchplugins\yandex.xml
FF SearchPlugin: C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\85w9rd3l.default\searchplugins\ybqs-yandex.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\WebSearchober476294982.xml
FF Extension: No Name - C:\Users\Carl\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@playsushi.com [2010-01-19]
FF Extension: Oberon GamesBar - C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\85w9rd3l.default\Extensions\gamesbar@oberon-media.com [2012-06-06]
FF Extension: Ask Toolbar Toolbar - C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\85w9rd3l.default\Extensions\toolbar@ask.com [2012-11-10]
FF Extension: Візуальныя закладкі - C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\85w9rd3l.default\Extensions\vb@yandex.ru [2013-04-24]
FF Extension: Кампанент "Элементы Яндекса" - C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\85w9rd3l.default\Extensions\yasearch@yandex.ru [2013-04-24]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\85w9rd3l.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-11-27]
FF Extension: No Name - C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\85w9rd3l.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}-trash [2010-11-27]
FF Extension: No Name - C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\85w9rd3l.default\Extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} [2011-09-03]
FF Extension: Search Assistant - C:\Users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\85w9rd3l.default\Extensions\{B3834E60-12A8-11E0-A289-939FDFD72085} [2012-05-17]
FF Extension: LoudMo Contextual Ad Assistant - C:\Program Files (x86)\Mozilla Firefox\extensions\{5befc0da-3d3d-1bde-61c9-d91915f7ddda} [2010-05-01]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-12-23]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-08-20]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-25]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-03-26]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-05-31]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009-09-04]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\Firefox
FF Extension: MSN Toolbar - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\Firefox [2010-01-19]
FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman [2014-03-26]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [Not Found]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP", "hxxp://www.aol.com/"
CHR Profile: C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Ask Toolbar) - C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo [2012-11-13]
CHR Extension: (Entanglement Web App) - C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2011-02-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (Bitdefender Wallet) - C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2014-03-26]
CHR Extension: (Skype Click to Call) - C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2011-12-26]
CHR Extension: (Poppit!) - C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2011-02-23]
CHR Extension: (Visual Bookmarks) - C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkcpopggjcjkiicpenikeogioednjeac [2012-04-10]
CHR Extension: (Google Wallet) - C:\Users\Carl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR HKLM-x32\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Users\Carl\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx [2013-03-31]
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx [2014-03-26]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2014-08-13] (Bitdefender)
R2 ETService; C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe [24576 2008-06-11] () [File not signed]
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2008-08-19] () [File not signed]
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
S3 scan; C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll [596776 2008-08-06] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2014-08-13] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1536624 2008-08-06] (Bitdefender)
R2 yksvc; RUNDLL32.EXE ykx64coinst,serviceStartProc [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1260120 2014-08-13] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2014-05-22] (BitDefender LLC)
R1 bdftdif; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys [119888 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [419616 2014-08-13] (BitDefender S.R.L.)
U4 bdselfpr; No ImagePath
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U3 aswMBR; \??\C:\Users\Carl\AppData\Local\Temp\aswMBR.sys [X]
U3 aswVmm; \??\C:\Users\Carl\AppData\Local\Temp\aswVmm.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-13 09:59 - 2014-11-13 10:00 - 00035723 _____ () C:\Users\Carl\Desktop\FRST.txt
2014-11-13 09:58 - 2014-11-13 09:58 - 00002536 _____ () C:\Users\Carl\Desktop\aswMBR.txt
2014-11-13 09:58 - 2014-11-13 09:58 - 00000512 _____ () C:\Users\Carl\Desktop\MBR.dat
2014-11-13 09:14 - 2014-11-13 09:14 - 02116096 _____ (Farbar) C:\Users\Carl\Desktop\FRST64.exe
2014-11-13 09:12 - 2014-11-13 09:12 - 05194752 _____ (AVAST Software) C:\Users\Carl\Desktop\aswMBR.exe
2014-11-13 09:05 - 2014-11-13 09:05 - 00002027 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-13 09:05 - 2014-11-13 09:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-13 09:04 - 2014-11-13 09:04 - 00000000 ____D () C:\Users\Carl\AppData\Local\Deployment
2014-11-13 09:04 - 2014-11-13 09:04 - 00000000 ____D () C:\Users\Carl\AppData\Local\Apps\2.0
2014-11-12 18:41 - 2014-11-12 18:43 - 00000000 ____D () C:\Users\Katie\AppData\Local\{F7B7211F-7DF3-4F52-AC66-4A184FED7C9A}
2014-11-12 18:35 - 2014-11-12 18:35 - 00000000 ____D () C:\Users\Katie\AppData\Local\Macromedia
2014-11-12 18:32 - 2014-11-12 18:32 - 00000000 ____D () C:\Users\Katie\AppData\Local\{DF1FB192-739E-41FA-8D7B-5F2E19DE2424}
2014-11-12 12:29 - 2014-11-12 12:29 - 00000000 ____D () C:\ProgramData\Dumps
2014-11-12 12:15 - 2014-11-12 12:15 - 00000000 ____D () C:\Users\Carl\{ca193454-bc05-40e6-8e1e-febbedb96b6c}
2014-11-12 11:55 - 2014-09-26 18:42 - 00883624 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2014-11-12 11:55 - 2014-09-26 18:42 - 00806824 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2014-11-12 11:54 - 2014-11-12 11:54 - 00000000 ____D () C:\Users\Carl\AppData\Roaming\Oracle
2014-11-12 11:50 - 2014-09-26 18:42 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-12 11:50 - 2014-09-26 18:36 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-11-12 11:50 - 2014-09-26 18:36 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-11-12 11:50 - 2014-09-26 18:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-11-12 11:49 - 2014-11-12 11:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-12 10:54 - 2014-10-12 15:52 - 02782208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 10:53 - 2014-09-18 16:50 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 10:53 - 2014-09-18 16:45 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 10:48 - 2014-08-11 18:25 - 00729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 10:48 - 2014-08-11 18:11 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 10:46 - 2014-10-09 17:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 10:46 - 2014-10-09 17:09 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 10:46 - 2014-10-09 17:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 10:46 - 2014-10-09 17:01 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 10:46 - 2014-10-09 17:00 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 10:46 - 2014-10-09 15:53 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 10:46 - 2014-10-09 15:22 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 10:46 - 2014-06-15 14:18 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-11-12 10:46 - 2014-06-15 14:18 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-11-12 10:46 - 2014-06-13 10:22 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-11-12 10:46 - 2014-06-13 10:22 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-11-12 10:46 - 2014-06-13 09:36 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-11-12 10:46 - 2014-06-13 09:36 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-11-12 10:45 - 2014-10-17 17:08 - 00564224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 10:45 - 2014-10-17 16:46 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 10:45 - 2014-10-02 17:18 - 00274432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 10:45 - 2014-10-02 17:17 - 00396800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 10:45 - 2014-10-02 17:17 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 10:45 - 2014-10-02 17:03 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 10:45 - 2014-10-02 17:02 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 10:45 - 2014-10-02 17:01 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 10:45 - 2014-10-02 17:01 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 10:45 - 2014-10-02 15:49 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audiodg.exe
2014-11-12 10:29 - 2014-10-23 17:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 10:29 - 2014-10-23 16:39 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 10:29 - 2014-09-04 15:38 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2014-11-12 10:29 - 2014-08-26 16:55 - 01249280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 10:29 - 2014-08-26 16:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 10:29 - 2014-08-26 16:41 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 10:29 - 2014-08-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 10:27 - 2014-09-08 22:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-11-12 10:27 - 2014-09-08 22:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-11-12 10:26 - 2014-10-27 12:13 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 10:26 - 2014-10-27 12:06 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 10:26 - 2014-10-27 12:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 10:26 - 2014-10-27 12:04 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-12 10:26 - 2014-10-27 12:04 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 10:26 - 2014-10-27 12:04 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 10:26 - 2014-10-27 12:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 10:26 - 2014-10-27 12:03 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 10:26 - 2014-10-27 12:03 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 10:26 - 2014-10-27 12:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 10:26 - 2014-10-27 11:10 - 12366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 10:26 - 2014-10-27 11:05 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 10:26 - 2014-10-27 10:59 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 10:26 - 2014-10-27 10:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-11-12 10:26 - 2014-10-27 10:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 10:26 - 2014-10-27 10:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 10:26 - 2014-10-27 10:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 10:26 - 2014-10-27 10:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 10:26 - 2014-10-27 10:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 10:26 - 2014-10-27 10:54 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 10:25 - 2014-10-27 12:32 - 17870336 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 10:25 - 2014-10-27 12:12 - 10921472 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 10:25 - 2014-10-27 12:07 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 10:25 - 2014-10-27 12:05 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 10:25 - 2014-10-27 12:05 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-11-12 10:25 - 2014-10-27 12:04 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 10:25 - 2014-10-27 12:04 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 10:25 - 2014-10-27 12:04 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 10:25 - 2014-10-27 12:03 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-11-12 10:25 - 2014-10-27 12:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-11-12 10:25 - 2014-10-27 12:03 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-11-12 10:25 - 2014-10-27 11:02 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 10:25 - 2014-10-27 10:59 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 10:25 - 2014-10-27 10:58 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 10:25 - 2014-10-27 10:57 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-11-12 10:25 - 2014-10-27 10:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 10:25 - 2014-10-27 10:56 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 10:25 - 2014-10-27 10:56 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 10:25 - 2014-10-27 10:56 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 10:25 - 2014-10-27 10:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-11-12 10:25 - 2014-10-27 10:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-11-12 10:25 - 2014-10-27 10:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-11-11 15:18 - 2014-11-11 15:18 - 00000000 ____D () C:\Users\mlstruck\AppData\Local\{28088A49-EE22-4F40-BA56-0A17D0DD823C}
2014-11-11 13:46 - 2014-11-13 09:59 - 00000000 ____D () C:\FRST
2014-11-10 05:56 - 2014-11-10 05:56 - 00000000 ____D () C:\Users\Katie\Documents\My Scans
2014-11-09 14:26 - 2014-11-09 14:27 - 00000000 ____D () C:\Users\mlstruck\AppData\Local\{CDF00B65-7969-41F4-BC77-7F8EB4E65D3C}
2014-11-09 14:13 - 2014-11-09 14:13 - 00000000 ____D () C:\Users\Katie\Documents\Recipes
2014-11-09 12:09 - 2014-11-09 12:09 - 00000000 ____D () C:\Users\Katie\AppData\Local\{AB61E324-AB16-40EE-89A7-115B7A8F0FA3}
2014-11-09 08:00 - 2014-11-12 11:50 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-09 07:51 - 2014-11-09 07:51 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
2014-11-09 07:51 - 2014-11-09 07:51 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
2014-11-09 07:50 - 2014-11-09 07:50 - 00000000 ____D () C:\ProgramData\APN
2014-11-09 07:47 - 2014-11-12 11:50 - 00006782 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log
2014-11-07 10:43 - 2014-11-07 10:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-07 10:43 - 2014-11-07 10:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-06 13:07 - 2014-11-07 01:09 - 00000000 ____D () C:\Users\mlstruck\AppData\Local\{B49A7250-9AC9-4646-BD66-C0D0002860CE}
2014-11-04 18:06 - 2014-11-04 18:06 - 00227194 _____ () C:\Users\Katie\Documents\Jetblue Reservation scan code Apr 2015.pptx
2014-11-01 16:32 - 2014-11-01 16:32 - 00000385 _____ () C:\Users\Katie\AppData\Roaminguser_gensett.xml
2014-11-01 15:59 - 2014-11-01 15:59 - 00000000 ____D () C:\Users\Katie\AppData\Local\{D2701221-158F-4D2B-BAE6-84AEE50A127C}
2014-10-30 20:54 - 2014-10-31 20:56 - 00000000 ____D () C:\Users\mlstruck\AppData\Local\{F2F8F1C4-1E88-4056-83CF-C6855D7E6644}
2014-10-30 20:00 - 2014-10-30 20:00 - 00000000 _____ () C:\Users\David\Desktop\David Stem Cells
2014-10-30 17:50 - 2014-10-30 17:50 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-10-30 16:15 - 2014-10-30 16:15 - 00000000 ____D () C:\Users\Katie\AppData\Local\{AF51DC85-D4B3-46F1-AB2B-200D7ECAEC70}
2014-10-28 06:38 - 2014-10-30 06:43 - 00000000 ____D () C:\Users\mlstruck\AppData\Local\{92C16527-ED54-4A21-97EB-47E6AA9CAA6B}
2014-10-27 17:36 - 2014-10-27 17:36 - 00000000 ____D () C:\Users\Katie\AppData\Local\{174BD46C-ED3E-49ED-A115-DE683A6FE8A8}
2014-10-27 06:34 - 2014-10-27 18:37 - 00000000 ____D () C:\Users\mlstruck\AppData\Local\{66B3A009-F282-425C-8E94-13919D8882C9}
2014-10-26 10:51 - 2014-10-26 11:43 - 00000000 ____D () C:\Users\Katie\Downloads\Geography
2014-10-24 16:16 - 2014-11-12 19:18 - 00000000 ____D () C:\Users\Katie\Documents\French
2014-10-24 16:13 - 2014-10-24 16:13 - 00000000 ____D () C:\Users\Katie\AppData\Local\{F1F966AE-1A89-4933-9FF4-EDA420A20D8C}
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-13 09:59 - 2011-12-23 19:14 - 00000000 ____D () C:\Users\Carl\AppData\Roaming\Skype
2014-11-13 09:40 - 2012-04-27 11:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-13 09:38 - 2014-03-30 10:33 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4c468da22830.job
2014-11-13 09:32 - 2009-11-06 18:30 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-13 09:10 - 2012-04-10 16:06 - 00000386 _____ () C:\Windows\Tasks\update-sys.job
2014-11-13 09:05 - 2009-05-31 18:45 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-13 09:02 - 2009-06-08 20:27 - 00000000 ____D () C:\Users\mlstruck
2014-11-13 09:00 - 2014-07-20 14:20 - 00000000 ___RD () C:\Users\Carl\Dropbox
2014-11-13 09:00 - 2014-07-18 12:03 - 00000000 ____D () C:\Users\Carl\AppData\Roaming\Dropbox
2014-11-13 08:58 - 2014-03-30 10:33 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf4c468a09bf30.job
2014-11-13 08:58 - 2009-11-06 18:30 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-13 08:40 - 2006-11-02 07:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-13 08:40 - 2006-11-02 07:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-13 08:26 - 2012-04-10 16:06 - 00000386 _____ () C:\Windows\Tasks\update-S-1-5-21-2265821247-3271303352-2493671787-1000.job
2014-11-13 07:34 - 2012-04-10 17:53 - 00000388 _____ () C:\Windows\Tasks\update-S-1-5-21-2265821247-3271303352-2493671787-1003.job
2014-11-13 05:56 - 2009-04-08 12:54 - 01327929 _____ () C:\Windows\WindowsUpdate.log
2014-11-12 20:33 - 2014-03-30 10:33 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf4c468da22830
2014-11-12 20:33 - 2014-03-30 10:33 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf4c468a09bf30
2014-11-12 18:46 - 2006-11-02 04:46 - 00006656 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-12 18:41 - 2010-08-18 13:30 - 00000000 ____D () C:\Users\Katie\Tracing
2014-11-12 18:40 - 2010-10-31 04:24 - 00000000 ____D () C:\Windows\SysWOW64\logishrd
2014-11-12 18:40 - 2010-10-31 04:24 - 00000000 ____D () C:\Windows\system32\logishrd
2014-11-12 18:40 - 2009-04-08 13:05 - 00000000 _____ () C:\Windows\system32\LogConfigTemp.xml
2014-11-12 18:40 - 2006-11-02 07:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-12 18:38 - 2008-01-20 19:26 - 06104746 _____ () C:\Windows\PFRO.log
2014-11-12 18:37 - 2006-11-02 07:42 - 00032618 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-12 12:15 - 2009-05-31 18:43 - 00000000 ____D () C:\Users\Carl
2014-11-12 12:07 - 2010-03-17 20:12 - 00000000 ____D () C:\Program Files (x86)\ParetoLogic
2014-11-12 11:57 - 2011-10-07 09:18 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-11-12 11:55 - 2008-11-03 13:38 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-12 11:40 - 2012-04-27 11:19 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 11:40 - 2012-04-27 11:19 - 00003682 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 11:40 - 2011-05-14 05:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 11:32 - 2006-11-02 05:33 - 00000000 ____D () C:\Windows\rescache
2014-11-12 11:10 - 2006-11-02 07:21 - 00352808 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 10:51 - 2008-11-03 13:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 10:44 - 2013-08-14 02:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 10:22 - 2014-07-20 14:20 - 00000918 _____ () C:\Users\Carl\Desktop\Dropbox.lnk
2014-11-12 10:22 - 2014-07-18 12:49 - 00000000 ____D () C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-12 10:22 - 2012-11-07 20:19 - 00001149 _____ () C:\Windows\wininit.ini
2014-11-12 01:40 - 2006-11-02 04:33 - 01310720 _____ () C:\Windows\system32\config\default_previous
2014-11-12 01:40 - 2006-11-02 04:33 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-11-11 15:21 - 2010-01-04 21:52 - 00000000 ____D () C:\Users\mlstruck\Documents\Christmas
2014-11-11 15:17 - 2010-11-29 16:30 - 00000000 ____D () C:\Users\mlstruck\Tracing
2014-11-09 15:14 - 2010-07-20 05:37 - 00000000 ____D () C:\Users\mlstruck\Documents\My Scans
2014-11-09 12:23 - 2013-04-22 15:22 - 00000000 ____D () C:\Users\Katie\Documents\English
2014-11-09 12:14 - 2010-01-04 19:48 - 00000000 ____D () C:\Users\Katie\AppData\Roaming\Apple Computer
2014-11-01 10:21 - 2011-12-23 19:15 - 00000000 ____D () C:\Users\David\AppData\Roaming\Skype
2014-11-01 10:05 - 2014-03-10 14:49 - 00000000 ____D () C:\Users\David\AppData\Roaming\.minecraft
2014-10-31 23:26 - 2006-11-02 04:35 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-10-27 06:34 - 2011-04-17 19:50 - 00000000 ____D () C:\Users\mlstruck\AppData\Roaming\BitDefender
2014-10-26 15:06 - 2011-04-17 12:30 - 00000000 ____D () C:\Users\David\AppData\Roaming\BitDefender
2014-10-23 19:43 - 2014-03-25 21:23 - 00000000 ____D () C:\Users\Carl\Documents\Liza
2014-10-23 05:11 - 2011-12-23 19:13 - 00000000 ____D () C:\ProgramData\Skype
2014-10-22 23:26 - 2012-04-10 16:06 - 00001134 _____ () C:\Users\Carl\AppData\Local\UserProducts.xml
2014-10-22 20:26 - 2009-09-04 19:08 - 00000000 ____D () C:\Users\Carl\Documents\My Scans
Some content of TEMP:
====================
C:\Users\Carl\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbntmea.dll
C:\Users\Carl\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\David\AppData\Local\Temp\contentDATs.exe
C:\Users\David\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\David\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\David\AppData\Local\Temp\SWFXXLRT.DLL
C:\Users\Katie\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\mlstruck\AppData\Local\Temp\FFoxPackage.exe
C:\Users\mlstruck\AppData\Local\Temp\GLFA08.tmp.ConduitEngineSetup.exe
C:\Users\mlstruck\AppData\Local\Temp\installhelper.dll
C:\Users\mlstruck\AppData\Local\Temp\NGMDll.dll
C:\Users\mlstruck\AppData\Local\Temp\NGMResource.dll
C:\Users\mlstruck\AppData\Local\Temp\NGMSetup.exe
C:\Users\mlstruck\AppData\Local\Temp\nsn527F.tmp.exe
C:\Users\mlstruck\AppData\Local\Temp\prxGLFA08.tmp.tbElf_.dll
C:\Users\mlstruck\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\mlstruck\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
C:\Users\mlstruck\AppData\Local\Temp\uitools.dll
C:\Users\mlstruck\AppData\Local\Temp\unicows.dll
C:\Users\mlstruck\AppData\Local\Temp\Update.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-13 06:51
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-11-2014
Ran by Carl at 2014-11-13 10:00:54
Running from C:\Users\Carl\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4500_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
AnswerWorks 5.0 English Runtime (HKLM-x32\...\{9E5A03E3-6246-4920-9630-0527D5DA9B07}) (Version: 008.000.0003 - Vantage Linguistics)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.23.0 - Ask.com) <==== ATTENTION
Ask Toolbar Updater (HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.5.36191 - Ask.com) <==== ATTENTION
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - )
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 17.26.0.1106 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BPD_HPSU (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
CameraHelperMsi (x32 Version: 13.10.1217.0 - Logitech) Hidden
Combat Arms (HKLM-x32\...\Combat Arms) (Version: - )
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conduit Engine (HKLM-x32\...\conduitEngine) (Version: - Conduit Ltd.) <==== ATTENTION
CustomerResearchQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
CyberLink LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.0.3111 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.2019 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2115 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destination Component (x32 Version: 100.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
DocMgr (x32 Version: 100.0.201.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 11.0.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Elevated Installer (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Elf_1 Toolbar (HKLM-x32\...\Elf_1 Toolbar) (Version: - )
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
eSupportQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
ExamView Assessment Suite (HKLM-x32\...\ExamView Pro) (Version: - )
EZ Fonts (HKLM-x32\...\{02F5BEE7-0AB6-4E42-9BF8-2588AAECC7F2}) (Version: 1.0.0 - EZ Fonts)
FastestIE (HKLM-x32\...\FastestIE) (Version: - )
Fax (x32 Version: 100.0.187.000 - Hewlett-Packard) Hidden
FLV Direct Player (HKLM-x32\...\FLV Direct Player) (Version: - )
GamersFirst LIVE! (HKLM-x32\...\GamersFirst LIVE!) (Version: - GamersFirst)
GamesBar 2.0.1.82 (HKLM-x32\...\GamesBar) (Version: 2.0.1.82 - Oberon Media, Inc.)
Garmin City Navigator North America NT 2015.10 (HKLM-x32\...\{FCDB42FC-A70B-4041-877F-D73E16DE4345}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{b43ffffb-1adc-4bcb-b277-7844ebff94da}) (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{D17111CB-C992-42A9-9D56-C19395102AAA}) (Version: 2.4.2 - Garmin Ltd or its subsidiaries)
Gateway Games (HKLM-x32\...\WildTangent gateway Master Uninstall) (Version: 1.0.0.71 - WildTangent)
Gateway Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 3.1.3003 - Acer Incorporated)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.122 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService (x32 Version: 100.0.187.000 - Hewlett-Packard) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Document Manager 1.0 (HKLM\...\HP Document Manager) (Version: 1.0 - HP)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
HP Officejet J4500 Series (HKLM\...\{CD0773D5-C18E-495c-B39B-21A96415EDD5}) (Version: 1.0 - HP)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 3.5 - HP)
HP Smart Web Printing (HKLM-x32\...\HP Smart Web Printing) (Version: 131.1.35898 - Hewlett-Packard)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
IBM Lotus Forms Viewer 3.5.1 (HKLM-x32\...\{A0BBF7AB-2F47-47DC-BB02-4C826F2BC73C}) (Version: 7.6.1.333 - IBM)
iLivid (HKLM-x32\...\iLivid) (Version: 1.92.0.112243 - Bandoo Media Inc.) <==== ATTENTION
iLivid (x32 Version: 1.92.0.112243 - Bandoo Media Inc.) Hidden <==== ATTENTION
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
J4500 (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.710 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KB0817 Keyboard Driver (HKLM-x32\...\{ED5DCA6F-5FEA-47CB-83DB-210A468C298B}) (Version: 1.30.0000 - Gateway)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Lightshot-5.1.2.5 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.1.2.5 - Skillbrains)
Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7259) - Logitech Inc..)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
LWS VideoEffects (Version: 13.00.1774.0 - Logitech) Hidden
MarketResearch (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 10.63.5.3 - Marvell)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Money Essentials (HKLM-x32\...\Money2007b) (Version: 16 - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 4.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 4.0 (x86 en-US)) (Version: 4.0 - Mozilla)
MSN Toolbar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 4.0.0390.0 - Microsoft Corporation)
MSN Toolbar Platform (x32 Version: 4.0.0379.0 - Microsoft Corporation) Hidden
MSVCSetup (x32 Version: 1.00.0000 - HP) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM-x32\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Musicnotes Software Suite 1.7.2 (HKLM-x32\...\Musicnotes Combined Installer_is1) (Version: 1.7.2 - Musicnotes Inc.)
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version: - )
OCR Software by I.R.I.S. 10.0 (HKLM\...\HPOCR) (Version: 10.0 - HP)
Oregon Trail® 5 (HKLM-x32\...\Oregon Trail® 5) (Version: - )
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
PSSWCORE (x32 Version: 2.02.0000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: - Realtek Semiconductor Corp.)
Sansa Updater (HKU\S-1-5-21-2265821247-3271303352-2493671787-1000\...\Sansa Updater) (Version: - )
Scan (x32 Version: 10.1.0.0 - Hewlett-Packard) Hidden
Segoe UI (x32 Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 10.0 - HP)
Shop To Win (HKLM-x32\...\{2EDEF827-E14D-400B-BB7C-C0B17DC15C6B}_is1) (Version: 1.0.25 - Shop To Win, LLC)
ShopAtHome SelectRebates (HKLM-x32\...\SelectRebatesUninstall) (Version: - ) <==== ATTENTION
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Smart Copy 3.1.1.1 (HKLM-x32\...\Smart Copy) (Version: 3.1.1.1 - I/O Interconnect)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spelling Dictionaries Support For Adobe Reader 8 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-800000000003}) (Version: 8.0.0 - Adobe Systems)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Status (x32 Version: 100.0.175.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Toolbox (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
TurboTax 2008 (HKLM-x32\...\TurboTax 2008) (Version: - )
TurboTax 2009 (HKLM-x32\...\TurboTax 2009) (Version: - Intuit, Inc)
TurboTax 2010 (HKLM-x32\...\TurboTax 2010) (Version: - Intuit, Inc)
TurboTax 2011 (HKLM-x32\...\TurboTax 2011) (Version: - Intuit, Inc)
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
Unity Web Player (HKLM-x32\...\UnityWebPlayer) (Version: 2.5.1f5_24931 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VideoToolkit01 (x32 Version: 100.0.128.000 - Hewlett-Packard) Hidden
Vindictus (HKLM-x32\...\Vindictus) (Version: - )
VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
WebReg (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows iLivid Toolbar (HKLM-x32\...\Searchqu 406 MediaBar) (Version: 3.0.0.112200 - Bandoo Media, Inc) <==== ATTENTION
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Searchqu Toolbar (HKLM-x32\...\Searchqu 101 MediaBar) (Version: 2.5.0.101919 - Bandoo Media Inc) <==== ATTENTION
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Toolbar) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2265821247-3271303352-2493671787-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2265821247-3271303352-2493671787-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2265821247-3271303352-2493671787-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2265821247-3271303352-2493671787-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2265821247-3271303352-2493671787-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2265821247-3271303352-2493671787-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2265821247-3271303352-2493671787-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2265821247-3271303352-2493671787-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2265821247-3271303352-2493671787-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Carl\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2265821247-3271303352-2493671787-1000_Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 -> C:\Users\Carl\AppData\Local\Temp\snprinv\svenosp\wow64.dll No File
==================== Restore Points =========================
26-10-2014 21:35:16 Scheduled Checkpoint
27-10-2014 16:20:50 Scheduled Checkpoint
28-10-2014 05:00:02 Scheduled Checkpoint
29-10-2014 05:00:03 Scheduled Checkpoint
30-10-2014 05:00:03 Scheduled Checkpoint
31-10-2014 01:45:50 Device Driver Package Install: Canon Imaging devices
31-10-2014 01:49:39 Device Driver Package Install: Canon Printers
01-11-2014 05:00:03 Scheduled Checkpoint
01-11-2014 19:00:56 Scheduled Checkpoint
02-11-2014 23:17:50 Scheduled Checkpoint
08-11-2014 00:26:21 Removed Ask Toolbar.
08-11-2014 16:37:05 Windows Update
09-11-2014 15:46:20 Installed Java 7 Update 71
12-11-2014 09:00:32 Windows Update
12-11-2014 18:26:17 Windows Update
12-11-2014 19:48:15 Installed Java 7 Update 71
12-11-2014 20:16:00 Device Driver Package Install: BitDefender LLC Network Service
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 04:34 - 2006-09-18 13:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {16401C9B-705D-4F18-AE8C-61E922B592A2} - System32\Tasks\GoogleUpdateTaskMachineCore1cf4c468a09bf30 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2008-08-06] (Google Inc.)
Task: {1FBD23B3-C6A4-4E3F-A6B4-579B682F97A6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {27F35796-52FD-4041-A722-0F45210DE47F} - System32\Tasks\MHotkey => C:\Windows\MHotKey.exe [2008-05-30] ()
Task: {2E432A43-B25C-48BC-9823-9CBF65236FF5} - System32\Tasks\update-S-1-5-21-2265821247-3271303352-2493671787-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {2FE41E8E-F272-4302-B623-81B5FDAC1C42} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2008-08-06] (Google Inc.)
Task: {417DD335-F040-40ED-953D-269AA49FE1C6} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Carl => C:\Program Files\Windows Calendar\WinCal.exe [2008-01-20] (Microsoft Corporation)
Task: {6F4FC5DF-4464-49C9-A0F5-CE3663A8DEAD} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {8FBC437D-E0CA-400F-8B8E-BF3958401487} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-03-31] () <==== ATTENTION
Task: {B4064DBF-457F-46EF-8884-ACAA4AF07010} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {D8D335E4-0197-4ADE-BD19-8DB1BD93EBD2} - System32\Tasks\GoogleUpdateTaskMachineUA1cf4c468da22830 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2008-08-06] (Google Inc.)
Task: {DE7CB60C-8F79-4D3D-A460-B685A59D77D1} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-08-07] ()
Task: {E0465D82-723A-475D-B999-C4E25ACA34FC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2008-08-06] (Google Inc.)
Task: {E757A55D-EC85-47F9-9BD8-1F4E99A34001} - System32\Tasks\update-S-1-5-21-2265821247-3271303352-2493671787-1003 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf4c468a09bf30.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4c468da22830.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2265821247-3271303352-2493671787-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2265821247-3271303352-2493671787-1003.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Loaded Modules (whitelisted) =============
2014-03-26 13:19 - 2008-08-06 06:37 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2014-03-26 13:21 - 2014-08-13 01:16 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\accessl.ui
2014-03-26 13:20 - 2011-11-14 18:17 - 00153680 _____ () C:\Program Files\Bitdefender\Bitdefender\bdfwcore.dll
2014-03-26 13:21 - 2014-08-13 01:16 - 00004608 _____ () C:\Program Files\Bitdefender\Bitdefender\UI\IMSecurityAL.ui
2014-07-23 23:43 - 2014-07-23 23:43 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00047_008\ashttpbr.mdl
2014-07-23 23:43 - 2014-07-23 23:43 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00047_008\ashttpdsp.mdl
2014-07-23 23:43 - 2014-07-23 23:43 - 02602680 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00047_008\ashttpph.mdl
2014-07-23 23:43 - 2014-07-23 23:43 - 01323408 _____ () C:\Program Files\Bitdefender\Bitdefender\otengines_00047_008\ashttprbl.mdl
2009-04-08 13:04 - 2008-06-11 10:18 - 00024576 ____N () C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
2009-04-08 13:05 - 2009-04-08 13:05 - 00032768 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.Controller\3.0.3009.0__14bcaafdb44b5951\Framework.Model.Controller.dll
2009-04-08 13:05 - 2009-04-08 13:05 - 00009216 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3009.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
2009-04-08 13:05 - 2009-04-08 13:05 - 00061440 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3009.0__3036420f80dd6947\Framework.Library.dll
2009-04-08 13:05 - 2009-04-08 13:05 - 00015360 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3009.0__672b450de5a7e94a\Framework.Host.dll
2009-04-08 13:05 - 2009-04-08 13:05 - 00006144 _____ () C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3009.0__9ecdf03bb2054f94\Framework.PluginInterface.dll
2009-04-08 13:05 - 2009-04-08 13:05 - 00036864 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3009.0__4df5dcab8860d239\Framework.Utility.dll
2008-11-03 13:43 - 2008-08-19 18:53 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-03-26 13:21 - 2013-03-25 14:16 - 01117920 _____ () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll
2008-08-30 01:59 - 2008-08-30 01:59 - 00117248 _____ () C:\Windows\system32\atitmm64.dll
2011-09-03 13:52 - 2011-05-28 21:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2009-04-08 13:02 - 2008-05-30 09:50 - 00581120 ____N () C:\Windows\MHotKey.exe
2010-05-07 15:34 - 2010-05-07 15:34 - 00168792 ____N () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2010-05-07 15:43 - 2010-05-07 15:43 - 00651096 ____N () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-08-31 20:39 - 2009-08-31 20:39 - 00755712 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.56.0__28c9bcd4dddc48a1\System.Data.SQLite.dll
2009-08-31 20:54 - 2009-08-31 20:54 - 00471040 ____N () C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
2010-04-11 11:04 - 2010-04-11 11:04 - 00854016 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll
2010-04-11 11:04 - 2010-04-11 11:04 - 00471040 _____ () C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
2011-02-22 06:55 - 2011-02-22 06:55 - 00476520 _____ () C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
2014-03-26 13:19 - 2008-08-06 06:37 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll
2014-11-13 09:00 - 2014-11-13 09:00 - 00043008 _____ () c:\users\carl\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbntmea.dll
2013-08-23 11:01 - 2013-08-23 11:01 - 25100288 _____ () C:\Users\Carl\AppData\Roaming\Dropbox\bin\libcef.dll
2010-05-07 15:35 - 2010-05-07 15:35 - 02143576 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2010-05-07 15:35 - 2010-05-07 15:35 - 07954776 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2010-05-07 15:36 - 2010-05-07 15:36 - 00340824 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2010-05-07 15:36 - 2010-05-07 15:36 - 00921944 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtNetwork4.dll
2010-05-07 15:37 - 2010-05-07 15:37 - 00027480 ____N () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2010-05-07 15:37 - 2010-05-07 15:37 - 00126808 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2010-11-12 06:23 - 2010-11-12 06:23 - 00330584 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Carl\Downloads\AnySendSetup.exe:BDU
AlternateDataStreams: C:\Users\Carl\Downloads\bitdefender_tsecurity.exe:BDU
AlternateDataStreams: C:\Users\Carl\Downloads\Combatarms_VER_US_2.1206.09.exe.ftpfygb.partial:BDU
AlternateDataStreams: C:\Users\Carl\Downloads\iLividSetupV1 (1).exe:BDU
AlternateDataStreams: C:\Users\Carl\Downloads\Internet_Explorer.exe:BDU
AlternateDataStreams: C:\Users\Carl\Downloads\iTunes64Setup.exe.eti0yqo.partial:BDU
AlternateDataStreams: C:\Users\Carl\Downloads\LeagueofLegends (1).exe:BDU
AlternateDataStreams: C:\Users\Carl\Downloads\LeagueofLegends.exe:BDU
AlternateDataStreams: C:\Users\Carl\Downloads\Minecraft (4).exe:BDU
AlternateDataStreams: C:\Users\Carl\Downloads\MusicnotesSuite.exe:BDU
AlternateDataStreams: C:\Users\Carl\Downloads\setup-lightshot-2.0.1.5.exe:BDU
AlternateDataStreams: C:\Users\Carl\Downloads\Unconfirmed 48515.crdownload:BDU
AlternateDataStreams: C:\Users\David\Desktop\mcpatcher-2.4.0.exe:BDU
AlternateDataStreams: C:\Users\David\Desktop\Minecraft.exe:BDU
AlternateDataStreams: C:\Users\David\Desktop\SWTOR_setup.exe:BDU
AlternateDataStreams: C:\Users\David\Desktop\TechnicLauncher (3).exe:BDU
AlternateDataStreams: C:\Users\David\Downloads\chromeinstall-7u5.exe:BDU
AlternateDataStreams: C:\Users\David\Downloads\chromeinstall-7u9 (1).exe:BDU
AlternateDataStreams: C:\Users\David\Downloads\chromeinstall-7u9.exe:BDU
AlternateDataStreams: C:\Users\David\Downloads\GamersFirst_LIVE!_Setup_EN.exe:BDU
AlternateDataStreams: C:\Users\David\Downloads\jre-7-windows-x64.exe:BDU
AlternateDataStreams: C:\Users\David\Downloads\LeagueofLegends.exe:BDU
AlternateDataStreams: C:\Users\David\Downloads\mcpatcher-2.3.6.exe:BDU
AlternateDataStreams: C:\Users\David\Downloads\Minecraft (1).exe:BDU
AlternateDataStreams: C:\Users\David\Downloads\Minecraft.exe:BDU
AlternateDataStreams: C:\Users\David\Downloads\SkypeSetup.exe:BDU
AlternateDataStreams: C:\Users\mlstruck\Downloads\GraboidVideoInstaller-5.1.0.0.exe:BDU
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk => C:\Windows\pss\GamersFirst LIVE!.lnk.CommonStartup
MSCONFIG\startupreg: Praetorian =>
MSCONFIG\startupreg: SelectRebates => "C:\Program Files (x86)\SelectRebates\SelectRebates.exe"
MSCONFIG\startupreg: Smart Copy => "C:\Program Files (x86)\IOI\Smart Copy\ButtonMonitor.exe" -A
========================= Accounts: ==========================
Administrator (S-1-5-21-2265821247-3271303352-2493671787-500 - Administrator - Disabled)
Carl (S-1-5-21-2265821247-3271303352-2493671787-1000 - Administrator - Enabled) => C:\Users\Carl
David (S-1-5-21-2265821247-3271303352-2493671787-1003 - Limited - Enabled) => C:\Users\David
Guest (S-1-5-21-2265821247-3271303352-2493671787-501 - Limited - Disabled)
Julie (S-1-5-21-2265821247-3271303352-2493671787-1002 - Limited - Enabled) => C:\Users\Julie
Katie (S-1-5-21-2265821247-3271303352-2493671787-1004 - Limited - Enabled) => C:\Users\Katie
mlstruck (S-1-5-21-2265821247-3271303352-2493671787-1001 - Administrator - Enabled) => C:\Users\mlstruck
==================== Faulty Device Manager Devices =============
Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft ISATAP Adapter #4
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft ISATAP Adapter #7
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name:
Description:
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/13/2014 09:02:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 37.0.2062.120, time stamp 0x5407bf0e, faulting module chrome.dll, version 37.0.2062.120, time stamp 0x5407bc49, exception code 0x80000003, fault offset 0x004efc90,
process id 0x1b10, application start time 0xchrome.exe0.
Error: (11/13/2014 08:59:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/13/2014 08:59:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/13/2014 08:59:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/13/2014 08:59:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/13/2014 08:59:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/13/2014 08:59:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/13/2014 08:59:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/12/2014 09:04:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 37.0.2062.120, time stamp 0x5407bf0e, faulting module chrome.dll, version 37.0.2062.120, time stamp 0x5407bc49, exception code 0x80000003, fault offset 0x004efc90,
process id 0x19fc, application start time 0xchrome.exe0.
Error: (11/12/2014 06:46:17 PM) (Source: LoadPerf) (EventID: 3011) (User: )
Description: WmiApRplWmiApRpl8
System errors:
=============
Error: (11/12/2014 06:42:48 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: HP CUE DeviceDiscovery Service
Error: (11/12/2014 06:40:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: int15%%31
Error: (11/12/2014 06:40:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Intel® PRO/1000 NDIS 6 Adapter Driver%%1058
Error: (11/12/2014 02:11:20 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (11/12/2014 02:11:18 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (11/12/2014 02:11:16 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (11/12/2014 02:11:14 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (11/12/2014 02:11:11 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (11/12/2014 02:11:09 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (11/12/2014 02:11:07 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Microsoft Office Sessions:
=========================
Error: (04/01/2012 00:57:59 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 129 seconds with 120 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2014-11-07 14:08:27.504
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-11-07 14:08:26.947
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-11-07 14:08:26.377
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-11-07 14:08:25.831
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-11-07 10:53:49.286
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-11-07 10:53:48.766
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-11-07 10:53:48.250
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-11-07 10:53:47.718
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-11-07 10:43:53.165
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-03-26 13:37:21.585
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\bdsandbox.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD Phenom 9150e Quad-Core Processor
Percentage of memory in use: 67%
Total physical RAM: 3838.27 MB
Available physical RAM: 1252.93 MB
Total Pagefile: 7902.96 MB
Available Pagefile: 4870.04 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:586.4 GB) (Free:367.57 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 83E6D949)
Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27)
Partition 2: (Active) - (Size=586.4 GB) - (Type=07 NTFS)
==================== End Of Log ============================