HI! OCD
When I downloaded mbam setup to scan computer it has taken over the Malwarebytes program I had, it is showing the same window that I scanned with, it is protecting the system like before, no problems there just the same window to scan.
PS it may have uninstalled my previous program?
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-11-2014 01
Ran by Administrator (administrator) on KHAN on 29-11-2014 17:04:57
Running from C:\Users\Administrator\Desktop
Loaded Profile: Administrator (Available profiles: test & Administrator)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(Binary Fortress Software) C:\Program Files\DisplayFusion\DisplayFusionService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Nuance Communications, Inc.) C:\Program Files\Common Files\Nuance\dgnsvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
() C:\Program Files\Synergy\synergyd.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(O&O Software GmbH) C:\Program Files\OO Software\DiskImage\oodiag.exe
(Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
() C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\WINWORD.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDirector12\PDR12.exe
(CyberLink) C:\Program Files\CyberLink\PowerDirector12\PDHanumanSvr.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [86016 2007-12-21] (Brother Industries, Ltd.)
HKLM\...\Run: [SSDMonitor] => C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
HKLM\...\Run: [PPort11reminder] => C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM\...\Run: [LWS] => C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5110672 2013-09-12] (ESET)
HKLM\...\Run: [DNS7reminder] => C:\Program Files\Nuance\NaturallySpeaking12\Ereg\Ereg.exe [328992 2010-10-27] (Nuance Communications, Inc.)
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCEPServiceManager] => C:\Program Files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-2411852452-117403543-12125213-500\...\Run: [~rmvtxrr] => C:\Users\Administrator\Downloads\fg742p.exe
HKU\S-1-5-21-2411852452-117403543-12125213-500\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [543432 2014-01-18] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-2411852452-117403543-12125213-500\...\Run: [Lync] => C:\Program Files\Microsoft Office\Office15\lync.exe [19049112 2014-07-27] (Microsoft Corporation)
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files\ERUNT\AUTOBACK.EXE ()
ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => C:\Program Files\OO Software\DiskImage\oodishi.dll (O&O Software GmbH)
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2411852452-117403543-12125213-500\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKU\S-1-5-21-2411852452-117403543-12125213-500\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x64655607D00AD001
HKU\S-1-5-21-2411852452-117403543-12125213-500\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-au/?ocid=iehp
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\960azfpj.default-1415280631391
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin: nuance.com/DragonRIAPlugin -> C:\Program Files\Nuance\NaturallySpeaking12\Program\npDgnRia.dll (Nuance Communications Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF HKLM\...\Firefox\Extensions: [jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack] - C:\Program Files\Nuance\NaturallySpeaking12\Program\ffShim.xpi
FF Extension: Dragon NaturallySpeaking Rich Internet Application Support - C:\Program Files\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2012-07-18]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-01-25]
Chrome:
=======
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [804528 2011-02-01] (Acronis)
S4 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [3246040 2012-11-16] (Acronis)
R2 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [File not signed]
R2 DisplayFusionService; C:\Program Files\DisplayFusion\DisplayFusionService.exe [5179760 2014-06-18] (Binary Fortress Software)
R2 DragonSvc; C:\Program Files\Common Files\Nuance\dgnsvc.exe [310232 2012-07-18] (Nuance Communications, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1337752 2013-09-12] (ESET)
S4 hasplms; C:\Windows\system32\hasplms.exe [4412872 2012-08-23] (SafeNet Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2282272 2014-08-19] (IObit)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S3 Olympus DVR Service; C:\Program Files\Common Files\Olympus Shared\DeviceManager\olydvrsv.exe [174592 2013-10-03] (OLYMPUS IMAGING CORP.) [File not signed]
R2 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [4772144 2013-02-21] (O&O Software GmbH)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [254552 2012-08-08] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [131272 2014-01-18] (Sandboxie Holdings, LLC)
R2 Synergy; C:\Program Files\Synergy\synergyd.exe [278016 2014-08-21] () [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aksfridge; C:\Windows\system32\drivers\aksfridge.sys [365056 2012-08-07] (SafeNet Inc.)
S3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [121688 2013-07-31] (SlySoft, Inc.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-09-25] (AVG Technologies)
S3 BrSerIf; C:\Windows\System32\Drivers\BrSerIf.sys [52224 2006-12-12] (Brother Industries Ltd.) [File not signed]
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [11904 2006-09-03] (Brother Industries Ltd.) [File not signed]
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [188808 2013-08-15] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [134248 2013-08-15] (ESET)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [122376 2013-08-15] (ESET)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [605128 2012-09-27] (SafeNet Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2014-11-29] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-10-01] (Malwarebytes Corporation)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [19584 2008-03-18] () [File not signed]
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [25808 2014-03-19] (Microsoft Corporation)
R0 oem-drv86; C:\Windows\System32\DRIVERS\oem-drv86.sys [28160 2014-11-29] (secr9tos) [File not signed]
R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [98064 2012-10-24] (O&O Software GmbH)
R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [29456 2012-10-24] (O&O Software GmbH)
R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [209168 2012-10-24] (O&O Software GmbH)
R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [32528 2012-10-24] (O&O Software GmbH)
S3 pimou; C:\Windows\System32\DRIVERS\pimou.sys [20808 2013-11-30] (Christian Gulden)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [16472 2010-04-09] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [11104 2010-04-09] ()
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [46096 2012-08-10] (Corel Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [161888 2014-01-18] (Sandboxie Holdings, LLC)
R0 vidsflt53; C:\Windows\System32\DRIVERS\vsflt53.sys [83392 2012-11-16] (Acronis)
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam.sys [1068216 2011-06-23] (Windows ® Win 7 DDK provider)
S0 hcov; System32\drivers\werlmk.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-29 17:04 - 2014-11-29 17:05 - 00013716 _____ () C:\Users\Administrator\Desktop\FRST.txt
2014-11-29 10:09 - 2014-11-29 10:10 - 00448512 _____ (OldTimer Tools) C:\Users\Administrator\Desktop\TFC(1).exe
2014-11-28 14:56 - 2014-11-29 11:27 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-28 14:55 - 2014-11-28 14:55 - 00001088 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-28 14:55 - 2014-11-28 14:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-28 14:55 - 2014-11-28 14:55 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-11-28 14:55 - 2014-10-01 11:11 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-28 14:50 - 2014-11-28 14:51 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Administrator\Desktop\mbam-setup-2.0.3.1025.exe
2014-11-26 16:12 - 2014-11-26 16:12 - 15196248 _____ () C:\Users\Administrator\Desktop\RogueKiller.exe
2014-11-26 15:38 - 2014-11-26 15:38 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-11-26 08:50 - 2014-11-26 08:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Sound Recorder
2014-11-26 08:49 - 2014-11-26 08:50 - 00000000 ____D () C:\Program Files\Free Sound Recorder
2014-11-26 08:49 - 2006-03-23 12:56 - 00113486 _____ () C:\Windows\system32\NCTWMAProfiles.prx
2014-11-26 08:49 - 2005-05-18 11:52 - 01212416 _____ (Online Media Technologies Ltd.) C:\Windows\system32\NCTAudioInformation2.dll
2014-11-26 08:49 - 2005-05-17 12:37 - 01986560 _____ (NCT Company Ltd.) C:\Windows\system32\NCTAudioFile2.dll
2014-11-26 08:49 - 2005-04-25 13:01 - 00458752 _____ (Online Media Technologies Ltd.) C:\Windows\system32\NCTAudioRecord2.dll
2014-11-26 08:49 - 2005-04-25 13:01 - 00458752 _____ (Online Media Technologies Ltd.) C:\Windows\system32\NCTAudioPlayer2.dll
2014-11-26 08:49 - 2005-04-15 12:08 - 00880640 _____ (Online Media Technologies Ltd.) C:\Windows\system32\NCTAudioEditor2.dll
2014-11-26 08:49 - 2005-04-04 17:21 - 00602112 _____ (Online Media Technologies Ltd.) C:\Windows\system32\NCTAudioTransform2.dll
2014-11-26 08:49 - 2005-03-28 15:54 - 00479232 _____ (Online Media Technologies Ltd.) C:\Windows\system32\NCTAudioVisualization2.dll
2014-11-26 08:49 - 2005-03-28 15:52 - 00417792 _____ (Online Media Technologies Ltd.) C:\Windows\system32\NCTTextToAudio2.dll
2014-11-26 08:49 - 2005-02-24 11:51 - 00348160 _____ (NCT Company Ltd.) C:\Windows\system32\NCTWMAFile2.dll
2014-11-26 08:49 - 2004-11-04 13:31 - 00835584 _____ (NCT) C:\Windows\system32\NCTAudioCDGrabber2.dll
2014-11-24 22:39 - 2014-11-24 22:39 - 00415232 _____ (Farbar) C:\Users\Administrator\Desktop\FSS.exe
2014-11-24 11:55 - 2014-11-24 11:55 - 00602112 _____ (OldTimer Tools) C:\Users\Administrator\Desktop\OTL.exe
2014-11-21 00:18 - 2014-11-27 16:43 - 01109504 _____ (Farbar) C:\Users\Administrator\Desktop\FRST.exe
2014-11-20 23:34 - 2014-11-20 23:34 - 00022618 _____ () C:\ComboFix.txt
2014-11-20 22:25 - 2014-11-20 22:25 - 05598306 ____R (Swearware) C:\Users\Administrator\Desktop\ComboFix.exe
2014-11-20 08:27 - 2014-11-20 23:34 - 00000000 ____D () C:\Qoobox
2014-11-19 10:15 - 2014-11-21 15:51 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-11-19 10:02 - 2014-11-19 10:02 - 00000000 ____D () C:\Users\Administrator\Downloads\mbar-1.08.1.1001
2014-11-19 09:52 - 2014-11-19 09:52 - 14439696 _____ (Malwarebytes Corp.) C:\Users\Administrator\Downloads\mbar-1.08.1.1001.exe
2014-11-19 09:33 - 2014-11-19 09:33 - 00854414 _____ () C:\Users\Administrator\Desktop\SecurityCheck.exe
2014-11-16 16:44 - 2014-11-29 17:05 - 00000000 ____D () C:\FRST
2014-11-16 15:31 - 2014-11-29 12:43 - 00028472 ____H () C:\Users\Administrator\Desktop\~WRL2652.tmp
2014-11-16 15:31 - 2014-11-24 21:40 - 00027210 ____H () C:\Users\Administrator\Desktop\~WRL3949.tmp
2014-11-16 15:31 - 2014-11-24 08:51 - 00028867 ____H () C:\Users\Administrator\Desktop\~WRL2694.tmp
2014-11-16 15:31 - 2014-11-22 09:46 - 00026763 ____H () C:\Users\Administrator\Desktop\~WRL1089.tmp
2014-11-16 15:31 - 2014-11-21 17:22 - 00025830 ____H () C:\Users\Administrator\Desktop\~WRL2672.tmp
2014-11-15 11:33 - 2014-11-29 11:12 - 00001860 _____ () C:\Windows\error.log
2014-11-15 02:39 - 2014-11-15 02:39 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-KHAN-Microsoft-Windows-7-Ultimate-(32-bit).dat
2014-11-15 02:39 - 2014-11-15 02:39 - 00000000 ____D () C:\RegBackup
2014-11-15 00:33 - 2014-11-15 00:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-11-15 00:32 - 2014-11-15 00:32 - 00000000 ____D () C:\Program Files\Tweaking.com
2014-11-14 22:32 - 2014-11-14 22:33 - 01706808 _____ (Thisisu) C:\Users\Administrator\Downloads\JRT.exe
2014-11-14 19:10 - 2014-11-14 19:10 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Administrator\Downloads\rkill.exe
2014-11-14 19:07 - 2014-11-14 19:08 - 02140160 _____ () C:\Users\Administrator\Downloads\AdwCleaner.exe
2014-11-14 19:04 - 2014-11-14 23:02 - 00000000 ____D () C:\AdwCleaner
2014-11-14 13:23 - 2014-11-14 13:24 - 120201976 _____ (Microsoft Corporation) C:\Users\Administrator\Downloads\msert.exe
2014-11-12 19:04 - 2014-11-12 19:04 - 00013630 _____ () C:\Users\Administrator\Downloads\Convert recorded audio to text _ Level Up Lunch.htm
2014-11-12 19:04 - 2014-11-12 19:04 - 00000000 ____D () C:\Users\Administrator\Downloads\Convert recorded audio to text _ Level Up Lunch_files
2014-11-12 19:03 - 2014-11-12 19:14 - 22892794 _____ (Audacity Team ) C:\Users\Administrator\Downloads\audacity-win-2.0.6.exe
2014-11-12 18:19 - 2014-11-12 18:19 - 00000000 ____D () C:\Users\Administrator\Documents\2006 FIFA World Cup™
2014-11-12 16:10 - 2014-11-12 16:10 - 00061440 _____ ( ) C:\Users\Administrator\Downloads\VEW.exe
2014-11-12 14:39 - 2014-11-12 14:39 - 00000000 ____D () C:\Program Files\Speccy
2014-11-12 13:12 - 2014-11-12 13:19 - 09817304 _____ () C:\Users\Administrator\Downloads\tweaking.com_windows_repair_aio_setup.exe
2014-11-12 12:48 - 2014-11-12 12:48 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Oracle
2014-11-11 17:37 - 2014-11-11 17:37 - 00000288 _____ () C:\Windows\Support.ini
2014-11-11 17:37 - 2014-11-11 17:37 - 00000000 ____D () C:\Program Files\Common Files\Olympus Shared
2014-11-11 17:32 - 2014-11-12 11:12 - 00000000 ____D () C:\Program Files\The FTW Transcriber
2014-11-11 17:32 - 2014-11-11 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The FTW Transcriber
2014-11-11 17:28 - 2014-11-11 17:30 - 24588601 _____ (The Tyger Valley Systems, Inc. ) C:\Users\Administrator\Downloads\FTW Transcribe setup.exe
2014-11-11 17:21 - 2014-11-11 17:21 - 01177930 _____ () C:\Users\Administrator\Downloads\NCH.Express.Scribe.Pro.v5.55.Incl.Keygen-BRD.rar
2014-11-11 12:07 - 2014-10-01 11:11 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-11 11:00 - 2014-11-11 14:46 - 00001152 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Scribe Transcription Software.lnk
2014-11-11 09:31 - 2014-11-11 09:31 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-11-11 09:30 - 2014-11-11 09:30 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVS4YOU
2014-11-11 09:29 - 2014-11-12 13:36 - 00000000 ____D () C:\Program Files\Common Files\AVSMedia
2014-11-11 09:29 - 2014-11-12 13:36 - 00000000 ____D () C:\Program Files\AVS4YOU
2014-11-11 08:27 - 2014-11-20 22:13 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-10 23:40 - 2014-11-10 23:41 - 00644160 _____ () C:\Users\Administrator\Downloads\switchsetupSoftonicEN.exe
2014-11-10 16:44 - 2014-11-10 16:45 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Administrator\Downloads\tdsskiller.exe
2014-11-10 16:40 - 2014-11-10 16:40 - 04578024 _____ (AVG Technologies) C:\Users\Administrator\Downloads\avg_avct_stb_all_2015_5315_ppc17.exe
2014-11-10 10:01 - 2014-11-10 17:11 - 00001118 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Dictate.lnk
2014-11-09 11:37 - 2014-11-09 11:37 - 13708848 _____ () C:\Users\Administrator\Downloads\SysinternalsSuite(1).zip
2014-11-04 18:35 - 2014-11-04 18:35 - 00000775 _____ () C:\Users\Administrator\Downloads\Drive Update NVIDER.txt
2014-11-04 12:29 - 2014-11-04 12:29 - 00000000 _____ () C:\Users\Administrator\Downloads\FreeSoundRecorder (3).exe.1pwp9uk.partial
2014-11-04 12:26 - 2014-11-04 12:26 - 00000000 _____ () C:\Users\Administrator\Downloads\FreeSoundRecorder (2).exe.hjxm4kd.partial
2014-11-04 11:58 - 2014-11-13 14:50 - 00001149 _____ () C:\Windows\~soundrecorder.dat
2014-11-03 23:36 - 2014-11-03 23:36 - 00000951 _____ () C:\Users\Administrator\Desktop\Balabolka.lnk
2014-11-03 23:36 - 2014-11-03 23:36 - 00000000 ____D () C:\Users\Administrator\Documents\Balabolka
2014-11-03 23:36 - 2014-11-03 23:36 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Balabolka
2014-11-03 23:36 - 2014-11-03 23:36 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Balabolka
2014-11-03 23:35 - 2014-11-03 23:36 - 00000000 ____D () C:\Program Files\Balabolka
2014-11-03 22:42 - 2014-11-03 23:39 - 00000000 ____D () C:\Users\Administrator\Downloads\Speach
2014-11-03 18:01 - 2014-11-03 18:03 - 31079968 _____ () C:\Users\Administrator\Downloads\Ivona_Reader_inst_wi_ne.exe
2014-11-03 17:12 - 2014-11-03 19:57 - 1092299089 _____ () C:\Users\Administrator\Downloads\ATT tts setup w audrey voice.rar
2014-11-03 16:18 - 2014-11-16 08:12 - 00017395 _____ () C:\Users\Administrator\Desktop\ABC 1 Page 9 Copy 2.txt
2014-11-03 08:25 - 2014-11-03 08:33 - 231177072 _____ () C:\Users\Administrator\Downloads\PowerDirector_3403_GM7_Patch_Patch_VDE141006-01.exe
2014-11-02 16:09 - 2014-11-12 23:13 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\CyberLink
2014-11-02 15:57 - 2014-11-02 15:57 - 00002169 _____ () C:\Users\Public\Desktop\CyberLink WaveEditor 2.lnk
2014-11-02 15:57 - 2014-11-02 15:57 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink WaveEditor 2
2014-11-02 15:31 - 2014-11-02 15:31 - 00002201 _____ () C:\Users\Public\Desktop\CyberLink PowerDirector 12.lnk
2014-11-02 15:31 - 2014-11-02 15:31 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 12
2014-11-02 15:28 - 2014-11-02 15:57 - 00000000 ____D () C:\Program Files\CyberLink
2014-11-02 15:24 - 2014-11-12 23:13 - 00000000 ____D () C:\ProgramData\CyberLink
2014-11-02 15:21 - 2014-11-02 15:21 - 00064218 _____ () C:\Users\Administrator\Documents\cc_20141102_142119.reg
2014-11-02 09:50 - 2014-11-02 10:00 - 01029080 _____ (CyberLink) C:\Users\Administrator\Downloads\CyberLink_PowerDirector_Downloader.exe
2014-11-02 09:45 - 2014-11-02 09:48 - 00001007 _____ () C:\Users\test\Desktop\CyberLink_update 3625.lnk
2014-11-01 09:56 - 2014-11-01 09:57 - 08857025 _____ () C:\Users\Administrator\Downloads\A Time To Kill Trailer.mp4
2014-10-31 18:04 - 2014-11-12 11:22 - 00000000 ____D () C:\ProgramData\SmartSound Software Inc
2014-10-31 18:04 - 2014-10-31 18:04 - 00000000 ____D () C:\ProgramData\eSellerate
2014-10-31 17:46 - 2014-10-31 17:46 - 00039542 _____ () C:\Users\Administrator\Documents\cc_20141031_164610.reg
2014-10-31 16:55 - 2014-11-25 16:02 - 00000000 ____D () C:\Users\Administrator\Downloads\Power Direct
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-29 15:41 - 2014-01-25 11:50 - 01509888 ___SH () C:\Users\Administrator\Downloads\Thumbs.db
2014-11-29 11:20 - 2013-03-19 20:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-11-29 11:17 - 2009-07-14 14:34 - 00023632 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-29 11:17 - 2009-07-14 14:34 - 00023632 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-29 11:16 - 2010-11-21 07:01 - 00785366 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-29 11:15 - 2013-11-02 21:34 - 01509491 _____ () C:\Windows\WindowsUpdate.log
2014-11-29 11:12 - 2014-10-06 23:00 - 00252668 _____ () C:\Windows\setupact.log
2014-11-29 11:12 - 2014-10-06 22:52 - 00088028 _____ () C:\Windows\PFRO.log
2014-11-29 11:12 - 2014-10-06 22:52 - 00003402 _____ () C:\Windows\errord.log
2014-11-29 11:12 - 2011-05-13 18:15 - 00028160 _____ (secr9tos) C:\Windows\system32\Drivers\oem-drv86.sys
2014-11-29 11:12 - 2009-07-14 14:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-29 09:58 - 2014-02-27 13:45 - 00015885 _____ () C:\Users\Administrator\Desktop\Provisor.txt
2014-11-29 09:07 - 2013-11-08 12:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-28 16:02 - 2014-01-25 22:35 - 00000000 ____D () C:\Program Files\ESET
2014-11-28 14:55 - 2013-11-08 12:26 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Malwarebytes
2014-11-27 21:54 - 2014-03-03 17:07 - 00000000 ____D () C:\Windows\Lhsp
2014-11-27 02:44 - 2012-07-26 00:00 - 00944128 ___SH () C:\Users\Administrator\Desktop\Thumbs.db
2014-11-27 02:04 - 2014-10-16 18:42 - 00034808 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-11-26 21:18 - 2012-09-20 10:14 - 00000000 ____D () C:\Users\Administrator\Desktop\NewNow
2014-11-26 17:52 - 2013-07-08 10:06 - 00000000 ____D () C:\Users\Administrator\Desktop\Tempo Video
2014-11-26 16:36 - 2013-11-03 17:00 - 00007613 _____ () C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg
2014-11-26 08:46 - 2013-08-28 21:34 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\uTorrent
2014-11-26 08:46 - 2009-07-14 12:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-25 11:11 - 2012-05-14 00:14 - 00000000 ____D () C:\Windows\ERDNT
2014-11-21 10:02 - 2012-01-17 10:50 - 00001007 _____ () C:\Windows\Brpfx04a.ini
2014-11-20 23:28 - 2009-07-14 12:04 - 00000215 _____ () C:\Windows\system.ini
2014-11-20 22:47 - 2009-07-14 12:03 - 69206016 _____ () C:\Windows\system32\config\software.bak
2014-11-20 22:47 - 2009-07-14 12:03 - 24379392 _____ () C:\Windows\system32\config\system.bak
2014-11-20 22:47 - 2009-07-14 12:03 - 00786432 _____ () C:\Windows\system32\config\default.bak
2014-11-20 22:47 - 2009-07-14 12:03 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2014-11-20 22:47 - 2009-07-14 12:03 - 00028672 _____ () C:\Windows\system32\config\security.bak
2014-11-20 22:19 - 2012-08-06 14:58 - 00000000 ____D () C:\Users\Administrator\AppData\Local\CrashDumps
2014-11-20 22:15 - 2013-11-02 20:37 - 00000000 ____D () C:\Users\Administrator
2014-11-20 22:14 - 2009-07-14 12:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-11-20 22:13 - 2014-10-06 22:02 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\ProductData
2014-11-20 22:13 - 2014-01-26 02:12 - 00000000 ____D () C:\Program Files\TNod User & Password Finder
2014-11-20 22:13 - 2013-11-05 21:59 - 00000000 ____D () C:\ProgramData\Licenses
2014-11-20 22:13 - 2013-11-02 20:37 - 00000000 ____D () C:\Users\test
2014-11-20 22:12 - 2009-07-14 12:37 - 00000000 ____D () C:\Windows\registration
2014-11-18 01:45 - 2014-02-28 10:15 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-18 01:45 - 2014-02-28 10:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-16 10:19 - 2014-08-29 11:28 - 00000000 ___RD () C:\Users\Administrator\Downloads\Toto-FrancocCiccio
2014-11-16 08:51 - 2013-07-19 22:04 - 00000000 ____D () C:\Users\Public\CyberLink
2014-11-15 11:06 - 2013-11-03 14:47 - 00141312 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-15 11:03 - 2012-01-20 12:07 - 00000000 ____D () C:\Windows\pss
2014-11-15 10:49 - 2009-07-14 14:33 - 03943296 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-15 10:48 - 2011-04-12 12:24 - 00000000 ____D () C:\Windows\CSC
2014-11-14 18:50 - 2013-11-03 12:31 - 00000000 ____D () C:\Program Files\Software Remove Master
2014-11-14 12:10 - 2009-07-14 12:37 - 00000000 __RHD () C:\Users\Public\Libraries
2014-11-12 23:17 - 2014-01-11 00:56 - 00002952 _____ () C:\Windows\Sandboxie.ini
2014-11-12 23:07 - 2014-10-16 23:10 - 00000000 ____D () C:\ProgramData\ScanSoft
2014-11-12 11:22 - 2012-01-17 10:48 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-11-11 18:36 - 2013-08-27 22:24 - 00003079 _____ () C:\Users\Administrator\AppData\Roaming\SAS7_000.DAT
2014-11-10 23:08 - 2014-09-14 09:17 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Adobe
2014-11-09 10:38 - 2013-11-02 20:37 - 12845056 _____ () C:\Users\Administrator\ntuser.bak
2014-11-07 01:29 - 2014-03-01 11:06 - 00000000 ____D () C:\Users\Administrator\Downloads\IVONA Voices 2 (1.6.63)
2014-11-06 19:43 - 2009-07-14 12:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-03 12:34 - 2014-09-22 21:27 - 00000000 ____D () C:\Users\Administrator\Documents\Free Sound Recorder
2014-11-02 16:02 - 2012-07-30 10:34 - 00000056 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_654
2014-11-02 15:58 - 2013-07-19 21:45 - 00000000 ____D () C:\ProgramData\install_clap
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-25 00:07
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-11-2014 01
Ran by Administrator at 2014-11-29 17:06:18
Running from C:\Users\Administrator\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2411852452-117403543-12125213-500\...\uTorrent) (Version: 3.4.2.34944 - BitTorrent Inc.)
Acronis True Image Home 2011 (HKLM\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.6696 - Acronis)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Advanced Uninstaller PRO - Version 10 (HKLM\...\AU10_is1) (Version: 10 - Innovative Solutions)
AnyDVD (HKLM\...\AnyDVD) (Version: 7.3.0.0 - SlySoft)
Asmedia ASM106x SATA Host Controller Driver (HKLM\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.1.9.000 - Asmedia Technology)
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
AZARDI (HKLM\...\AZARDI_is1) (Version: - Infogrid Pacific Pte. Ltd.)
Balabolka (HKLM\...\Balabolka) (Version: 2.10.0.575 - Ilya Morozov)
Brother MFL-Pro Suite MFC-790CW (HKLM\...\{D9461574-5FC0-4641-BBDC-D1038B196F55}) (Version: 1.1.5.0 - Brother Industries, Ltd.)
CameraHelperMsi (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
Classic Menu for Office Enterprise 2010 and 2013 v5.85 (HKLM\...\{9A7CEBDF-37E2-4B63-A384-2A9FD5CE0A80}_is1) (Version: 5.85 - Addintools)
Contents (Version: 16.0.0.106 - Corel Corporation) Hidden
Corel VideoStudio Ultimate X6 (HKLM\...\_{6688A246-F6E8-48AD-9806-8D5832E9F15D}) (Version: 16.0.0.106 - Corel Corporation)
CyberLink PowerDirector 12 (HKLM\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.3403.0 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 2.0.4203 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DisplayFusion 6.0 (HKLM\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 6.0.0.0 - Binary Fortress Software)
Dragon NaturallySpeaking 12 (HKLM\...\{D5D422B9-6976-4E98-8DDF-9632CB515D7E}) (Version: 12.00.100 - Nuance Communications Inc.)
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version: - DVD Shrink)
erLT (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version: - Lars Hederer)
ESET NOD32 Antivirus (HKLM\...\{6DCA86D6-F197-41B7-BD33-43E32A15A41E}) (Version: 7.0.302.0 - ESET, spol s r. o.)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 6.2.1.618 - Foxit Corporation)
Free Sound Recorder v9.7.5 (HKLM\...\Free Sound Recorder_is1) (Version: - Copyright© 2005-2014 FreeSoundRecorder Technologies, Inc.)
Freeware PDF Unlocker (HKLM\...\{010C0B4A-DC93-4BB4-893B-BDDE95355A3E}) (Version: 1.0.4 - SMTguru)
Garmin Communicator Plugin (HKLM\...\{17079027-EB8A-42C6-9BF8-825B78889F6A}) (Version: 4.0.1 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
HashCalc 2.02 (HKLM\...\HashCalc_is1) (Version: - SlavaSoft Inc.)
HashCheck Shell Extension (x86-32) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
HashTab 5.1.0.23 (HKLM\...\HashTab) (Version: 5.1.0.23 - Implbits Software)
ICA (Version: 16.0.0.106 - Corel Corporation) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
IPM_VS_Pro (Version: 16.0 - Corel Corporation) Hidden
ISO Recorder (HKLM\...\{1235083F-52F9-44CC-9DF5-F9B7802BB9B7}) (Version: 3.0.0 - Alex Feinman)
Jasc Paint Shop Pro 9 (HKLM\...\{F843C6A3-224D-4615-94F8-3C461BD9AEA0}) (Version: 9.00.0000 - Jasc Software Inc)
L&H TTS3000 Italiano (HKLM\...\LHTTSITI) (Version: - )
Logitech Webcam Software (HKLM\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 33.1 (x86 en-US) (HKLM\...\Mozilla Firefox 33.1 (x86 en-US)) (Version: 33.1 - Mozilla)
MPC-HC 1.7.6 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.6 - MPC-HC Team)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
Nero 12 (HKLM\...\{D529E699-7753-46E7-8B73-C5556EF5B486}) (Version: 12.0.03500 - Nero AG)
NewBlue Video Essentials for PowerDirector (HKLM\...\NewBlue Video Essentials for Cyberlink) (Version: 3.0 - NewBlue)
NewBlue Video Essentials II for PowerDirector (HKLM\...\NewBlue Video Essentials II for Cyberlink) (Version: 3.0 - NewBlue)
NewBlue Video Essentials III for PowerDirector (HKLM\...\NewBlue Video Essentials III for Cyberlink) (Version: 3.0 - NewBlue)
NVIDIA 3D Vision Controller Driver 306.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.23 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
O&O DiskImage Professional (HKLM\...\{2AAD066E-698F-48A1-A7D0-0B5701DCAF2C}) (Version: 7.0.144 - O&O Software GmbH)
OlympusCodecs (HKLM\...\{9599AA83-D20B-45E1-819A-5EFD6AFED2BE}) (Version: 1.0.1 - Olympus)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PaperPort Image Printer (HKLM\...\{2BC2781A-F7F6-452E-95EB-018A522F1B2C}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PDF Settings CC (Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
Pdfedit (HKLM\...\{6C11089A-E23F-4E9B-B12C-316BF1A4376B}) (Version: 4.5.0.0 - PdfEdit team)
Photo Common (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PL-2303 USB-to-Serial (HKLM\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: - )
Prerequisite installer (Version: 12.0.0003 - Nero AG) Hidden
PSE11 STI Installer (Version: 11.0 - Adobe Systems Incorporated) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Sandboxie 4.08 (32-bit) (HKLM\...\Sandboxie) (Version: 4.08 - Sandboxie Holdings, LLC)
ScanSoft PaperPort 11 (HKLM\...\{7A8FF745-BBC5-482B-88E4-18D3178249A9}) (Version: 11.1.0000 - Nuance Communications, Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Setup (Version: 16.0.0.106 - Corel Corporation) Hidden
Share (Version: 16.0.0.106 - Corel Corporation) Hidden
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Software Remove Master v5.0.1.3 (HKLM\...\Software Remove Master_is1) (Version: - CareWindows)
SoulSeek 157 NS 13e (HKLM\...\Soulseek2) (Version: - )
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synergy (32-bit) (HKLM\...\{48C4B49D-F876-4969-BF74-319EF3601A35}) (Version: 1.5.1 - The Synergy Project)
The FTW Transcriber version 3.1 (HKLM\...\{D27CDB6E-AE6D-11cf-96B8-444553540000}_is1) (Version: 3.1 - The Tyger Valley Systems, Inc.)
TNod User & Password Finder (HKLM\...\TNod) (Version: 1.4.2.3 - Tukero[X]Team)
Tweaking.com - Windows Repair (All in One) (HKLM\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.10.2 - Tweaking.com)
Ultimate Paint 2.88 Freeware Edition (HKLM\...\UP286_is1) (Version: 2.88 - J-T-L Development)
Universal Document Converter Server Edition (HKLM\...\Universal Document Converter_is1) (Version: 5.3 - fCoder Group, Inc.)
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking (HKLM\...\{4A5A427F-BA39-4BF0-9999-9A47FBE60C9F}) (Version: 11.0.0 - Nuance Communications Inc.)
VSClassic (Version: 16.0.0.106 - Corel Corporation) Hidden
VSHelp (Version: 16.0.0.106 - Corel Corporation) Hidden
VSUltimate (Version: 16.0.0.106 - Corel Corporation) Hidden
VT-Bridget-M16-SAPI5 (HKLM\...\{C4367E67-52FE-45C6-889C-F48CE7883CA8}) (Version: 3.11.1.0 - VW)
VT-Julie-M16-SAPI5 (HKLM\...\{C496F7CD-ED09-4D8D-872E-3470D4717714}) (Version: - )
VT-Kate-M16-SAPI5 (HKLM\...\{9FAD67A7-3A4E-4754-AAC4-0397F370611D}) (Version: - )
VT-Paul-M16-SAPI5 (HKLM\...\{942DF6BD-E4F2-4915-B4FB-09C02B71284F}) (Version: - )
Welcome App (Start-up experience) (Version: 12.0.15000 - Nero AG) Hidden
Windows Driver Package - Nokia Modem (06/09/2010 7.01.0.8) (HKLM\...\E5372C32E8562C76C24DBA6525002B1031495F34) (Version: 06/09/2010 7.01.0.8 - Nokia)
Windows Driver Package - Nokia Modem (10/07/2010 4.6) (HKLM\...\6DA48AFDE796708D5A4C9121A83E7617A63A9A15) (Version: 10/07/2010 4.6 - Nokia)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WordPerfect Office X6 - Common Files (Version: 16.0 - Corel Corporation) Hidden
WordPerfect Office X6 - Common Files English (Version: 16.0 - Corel Corporation) Hidden
WordPerfect Office X6 - IPM (Version: 16.0 - Corel Corporation) Hidden
WordPerfect Office X6 - Lightning Files (Version: 16.0 - Corel Corporation) Hidden
WordPerfect Office X6 - Lightning Files English (Version: 16.0 - Corel Corporation) Hidden
WordPerfect Office X6 - Oxford (Version: 16.0 - Corel Corporation) Hidden
WordPerfect Office X6 - Presentations Files (Version: 16.0 - Corel Corporation) Hidden
WordPerfect Office X6 - Presentations Files English (Version: 16.0 - Corel Corporation) Hidden
WordPerfect Office X6 - Quattro Pro Files (Version: 16.0 - Corel Corporation) Hidden
WordPerfect Office X6 - Quattro Pro Files English (Version: 16.0 - Corel Corporation) Hidden
WordPerfect Office X6 - Setup Files (Version: 16.0 - Corel Corporation) Hidden
WordPerfect Office X6 - System Files (Version: 15.0 - Corel Corporation) Hidden
WordPerfect Office X6 - WordPerfect Files (Version: 16.0 - Corel Corporation) Hidden
WordPerfect Office X6 - WordPerfect Files English (Version: 16.0 - Corel Corporation) Hidden
WordPerfect Office X6 - WT (Version: 16.0 - Corel Corporation) Hidden
WordPerfect Office X6 (HKLM\...\_{26D6D2A4-F08A-4212-86E7-7F1F75033610}) (Version: 16.0.0.318 - Corel Corporation)
WordPerfect Office X6 (Version: 16.0 - Corel Corporation) Hidden
Youtube Downloader HD v. 2.9.6 (HKLM\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
19-11-2014 01:45:05 Malwarebytes Anti-Rootkit Restore Point
24-11-2014 02:21:22 OTL Restore Point - 11/24/2014 12:21:19 PM
26-11-2014 07:37:20 Installed Eternal Love_16_9
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-07-30 10:34 - 2014-11-27 02:22 - 00000000 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05CA6C9D-7CCC-428E-914C-F01421A85CBE} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {08038180-7575-4743-AA20-957747EA1DF7} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {0A897EC5-DB50-4E03-BBE3-D57A5A794189} - System32\Tasks\{2C3F50B1-D54D-40CA-992C-830EB5627BDF} => C:\Program Files\VW\VT\Julie\M16-SAPI5\lib\UserDicEng.exe [2009-04-17] ()
Task: {10EF8F74-69C8-4E4F-BA9B-5DD716CE1EB4} - System32\Tasks\{3DCA905C-CBBF-424C-B155-5B0162A152CF} => C:\Program Files\RapidComm\RAPIDCOM.EXE
Task: {178909FA-264A-49EC-8FF2-9C56A9B13A2A} - System32\Tasks\{742B0DA6-B0BA-407B-AD13-2EF45C8B5136} => C:\Program Files\Common Files\microsoft shared\DW\DW20.EXE [2014-01-23] (Microsoft Corporation)
Task: {19460C60-1E2E-4918-94E0-D512C0E5756F} - System32\Tasks\{61D2098D-AB2E-4155-BBA6-7175DCC19796} => C:\Program Files\RapidComm\RAPIDCOM.EXE
Task: {1BF0892A-A768-4CE9-8296-BD0AF0E558DC} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {1D7F019C-D419-49C7-BAA0-A577C33B19D2} - System32\Tasks\{FF074E76-79B5-407D-A341-07E6BACAC239} => C:\Program Files\VW\VT\Julie\M16-SAPI5\lib\UserDicEng.exe [2009-04-17] ()
Task: {1F4B18E4-27FA-4888-8A92-440059244BC2} - System32\Tasks\{C27BEF35-AF2F-476D-A7BB-2D58CADB4917} => C:\3COM\UPDTMDM\UPDTMDM.EXE [1998-06-06] ()
Task: {215EBB15-4A20-4933-A901-C46A6D3B1991} - System32\Tasks\{97E53D3C-1CE8-43C9-9697-2354A5E7825F} => C:\Program Files\VW\VT\Julie\M16-SAPI5\lib\UserDicEng.exe [2009-04-17] ()
Task: {28455495-D1FC-4558-B070-A172B5334163} - System32\Tasks\{92123959-9F6E-472B-9509-79B7C22FE5A1} => C:\Program Files\Common Files\microsoft shared\DW\DW20.EXE [2014-01-23] (Microsoft Corporation)
Task: {2FB16726-0240-4074-A381-4DA5AC038384} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {31CFD816-5E6E-4F8E-B71B-2F6344CDA3D7} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {3967B16F-08ED-4990-9728-2855AA26C8D3} - System32\Tasks\{C49E02A8-FD5A-45A2-ABA7-BD66E3C3D11D} => C:\Program Files\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {3A82721C-EA39-4C5C-A69A-93943D12BF94} - System32\Tasks\{77975FFD-B173-4AF2-9A64-88D2367B638D} => C:\Program Files\VW\VT\Julie\M16-SAPI5\lib\UserDicEng.exe [2009-04-17] ()
Task: {3AE87692-B99B-436C-8320-9FC7ABBADC3D} - System32\Tasks\{19747C34-5D7E-4DBB-8F29-E0CA714F7341} => C:\Program Files\VW\VT\Julie\M16-SAPI5\lib\UserDicEng.exe [2009-04-17] ()
Task: {3EE8C6D0-1AAC-4ADE-A363-A2DC7FC8AA98} - System32\Tasks\{96E49231-874F-45BB-8C30-8177DF641A49} => C:\Program Files\RapidComm\RAPIDCOM.EXE
Task: {4389A372-FC61-40B0-85C6-475415D624A2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {456C2A4E-9180-4F04-9560-3E28BB018C68} - System32\Tasks\{70259839-3263-4456-B23D-D5F4D1BE7C16} => C:\Program Files\VW\VT\Julie\M16-SAPI5\lib\UserDicEng.exe [2009-04-17] ()
Task: {47939221-4A52-4194-B085-AEB2A6C2103D} - System32\Tasks\{5BE0F675-129F-4995-8F06-03EF74B0F692} => C:\Program Files\Common Files\microsoft shared\DW\DW20.EXE [2014-01-23] (Microsoft Corporation)
Task: {498FCE60-CBFB-49F4-B48A-B54F9194969F} - System32\Tasks\{D09C7287-B757-40E0-9BAB-29FB2DBBA8FE} => C:\Program Files\3Com\ModemMgr\Program\mdmMgr.exe
Task: {4F43426A-4609-4EAB-A61C-7A5DF5B99125} - System32\Tasks\{858FB472-5CEA-4FBD-9E72-65DEC715A7C5} => C:\Program Files\3Com\ModemMgr\Program\mdmMgr.exe
Task: {528711F2-1C72-448D-B5EF-37927EADCC31} - System32\Tasks\{F2848B54-0B33-4407-AA89-F92FC745D459} => C:\Program Files\Microsoft Office 2003 MultiLang\Microsoft Office Word 2003.exe
Task: {56410E59-C3B1-40F8-B0FD-674254FBA0E7} - System32\Tasks\{F12BB17B-8534-4DF4-9B6F-3E475FFDE5B8} => C:\Program Files\3Com\ModemMgr\Program\mdmMgr.exe
Task: {56DBD133-FF99-443B-B8AC-3ECC426B958F} - System32\Tasks\{598A64E4-9B31-4706-8E5E-1DE0A59292E0} => C:\Program Files\RapidComm\RAPIDCOM.EXE
Task: {5ADDB58B-CD32-4C7A-8C67-0F33C2AFEB36} - System32\Tasks\{26F8E065-2C28-4787-8086-ADFEA2845C6F} => msiexec.exe /package "F:\NEW PROGRAMS\OFFICE\New 13 -10- 13\Microsoft Office 2003 Pro Portable MultiLang - The11thMtnDiv\Microsoft Office 2003 Pro Portable 11 in 1 SP2 MultiLang - The11thMtnDiv.msi"
Task: {5EE847CB-FE75-4CF1-BED6-837AC7159F2D} - System32\Tasks\{8EA4414C-54BF-4BB7-A44E-9BC521BDBF4A} => C:\Program Files\3Com\ModemMgr\Program\mdmMgr.exe
Task: {67F58E9F-0BE3-4687-A0CB-793072C765CC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6C2214C5-1FB9-4BF9-AB41-F112C323F6AE} - System32\Tasks\{80F3845C-3C92-4898-A9FF-0B5EE604DF07} => C:\Program Files\VW\VT\Julie\M16-SAPI5\lib\UserDicEng.exe [2009-04-17] ()
Task: {6F868CB2-B24A-4870-B985-C710DDCDC3DF} - System32\Tasks\{7F916CCC-7C8F-478B-918C-C6D255DF3C96} => C:\Program Files\3Com\ModemMgr\Program\mdmMgr.exe
Task: {759A20CA-2CC1-463C-AB2B-5F20ECA69237} - System32\Tasks\{B5CEC5F3-64B5-4680-9DBB-B24E00ED9E93} => C:\Program Files\VW\VT\Julie\M16-SAPI5\lib\UserDicEng.exe [2009-04-17] ()
Task: {7BAEB8C8-16A9-4298-B4B6-FFFF2392075A} - System32\Tasks\{2B5DC53E-0AB1-4FD5-8376-F45831513321} => G:\Programs\A0184583.exe [2005-04-01] ()
Task: {7D614EE3-9D66-423F-88D0-D80F9C23C979} - System32\Tasks\{57E60407-B0FB-4D1B-A1C4-5157608AB94C} => C:\Program Files\3Com\ModemMgr\Program\mdmMgr.exe
Task: {82BF0377-0F7E-46FD-B45F-93885DF2B269} - System32\Tasks\{D92EDE2F-6ECB-46C4-AF2C-088BB3266C49} => msiexec.exe /package "F:\NEW PROGRAMS\OFFICE\Microsoft Office 2003 Pro Portable MultiLang - The11thMtnDiv\Microsoft Office 2003 Pro Portable MultiLang - The11thMtnDiv.msi"
Task: {8958F3FB-5EC7-4C63-A8DE-994597FE8189} - System32\Tasks\{D3D4DB0C-580C-46D9-89E1-68B5B9259E28} => C:\Program Files\3Com\ModemMgr\Program\mdmMgr.exe
Task: {91D6F716-06D8-4DE8-9FF0-8B38127F071F} - System32\Tasks\{0884BF43-CAEA-4028-8EF9-6A43F9CBAF4B} => C:\Program Files\Microsoft Office 2003 MultiLang\Microsoft Office Word 2003.exe
Task: {955F58A1-9B56-4134-8B00-E6A24D152E65} - System32\Tasks\RMSmartUpdate => C:\Program Files\Registry Mechanic\update.exe
Task: {9A3EED12-48B7-4FDE-89E1-211C2A81374F} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {9A8DEEF7-5879-417B-8910-817C62E257AF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {9ABF9E49-9B3F-404E-ACE9-EFD7E06AAAD1} - System32\Tasks\NCH Software\ExpressSevenDays => C:\Program Files\NCH Software\Express\Express.exe
Task: {AA318FA1-575A-463F-800F-6EC8A9EE1A5B} - System32\Tasks\{72F5C9F6-BF43-44FA-9C9B-1A414EA26E18} => C:\Program Files\VW\VT\Julie\M16-SAPI5\lib\UserDicEng.exe [2009-04-17] ()
Task: {B238A0AF-4B8B-4A9D-BB66-143A4F70B525} - System32\Tasks\{8821CE3A-A714-4E0B-A8B5-EC7D64AD924C} => C:\Program Files\3Com\ModemMgr\Program\mdmMgr.exe
Task: {B4CDFFB2-7FA3-4BFC-BA1B-C987763795D5} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {B56E7DDF-9ADE-44EA-8840-2D695C4A8E60} - System32\Tasks\{43022584-1FB3-433D-9BAE-856426CFDAD2} => C:\Program Files\3Com\ModemMgr\Program\mdmMgr.exe
Task: {B8F2760C-C46E-4C21-92A2-6557BB1FD4D3} - System32\Tasks\{24586FE0-83FE-4FFF-A59B-8D6F461E0ADB} => msiexec.exe /package "F:\NEW PROGRAMS\OFFICE\New 13 -10- 13\Microsoft Office 2003 Pro Portable MultiLang - The11thMtnDiv\Microsoft Office 2003 Pro Portable 11 in 1 SP2 MultiLang - The11thMtnDiv.msi"
Task: {CB4AE861-A16A-4CDA-B2C8-24CC42C82E9E} - System32\Tasks\{8D73619E-884E-4B2A-8690-FD2E6744D2B1} => C:\Program Files\VW\VT\Julie\M16-SAPI5\lib\UserDicEng.exe [2009-04-17] ()
Task: {CC1103FC-DB87-4860-9806-36E7FBAF2877} - System32\Tasks\{2F4F007B-B337-4BAA-8835-96B7597EEF1B} => C:\Program Files\RapidComm\RAPIDCOM.EXE
Task: {CDB8BC96-F444-4126-B8E6-6CA7B495D9F8} - System32\Tasks\{2D8604A9-1DAA-4D11-8018-32C0E45AC2A0} => C:\Program Files\VW\VT\Julie\M16-SAPI5\lib\UserDicEng.exe [2009-04-17] ()
Task: {D29B7288-C0C9-4911-B299-CF880AC73D80} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {D41851D3-61ED-48E6-A243-9D9E3328A3BE} - System32\Tasks\Microsoft Office 15 Sync Maintenance for KHAN-Administrator Khan => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-07-27] (Microsoft Corporation)
Task: {D536B505-EAD3-40B0-B781-AE2AE206BB2D} - System32\Tasks\{253E0BCE-68AC-4F7D-93E9-5435C5EE38F9} => C:\Program Files\3Com\ModemMgr\Program\mdmMgr.exe
Task: {E0776124-DEBD-4C63-8257-342A6D883336} - System32\Tasks\{6A9758CB-785E-439C-9C1B-2238CECA5BF2} => C:\3COM\UPDTMDM\UPDTMDM.EXE [1998-06-06] ()
Task: {E4E34B87-A337-4D5C-A121-49066069A29C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {EAFB4792-2E9F-4098-AF9B-6700216F9A04} - System32\Tasks\{37343038-3FED-49FC-A743-8DDDFE16F4F7} => C:\Program Files\Common Files\microsoft shared\DW\DW20.EXE [2014-01-23] (Microsoft Corporation)
Task: {F929BE73-A7C9-4DD4-AF4D-892ED5933594} - System32\Tasks\{575ED30B-3D7F-46C2-B023-637056BFF346} => C:\Program Files\3Com\ModemMgr\Program\mdmMgr.exe
Task: {FBCBC6EF-D7CE-4A65-B778-D35411F56594} - System32\Tasks\{4B12E91A-5B39-42C5-B438-D29669D9D6C1} => C:\Program Files\Common Files\microsoft shared\DW\DW20.EXE [2014-01-23] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Loaded Modules (whitelisted) =============
2013-11-02 20:36 - 2013-01-31 19:00 - 00079648 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-11-02 15:57 - 2012-08-08 22:36 - 00254552 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2014-11-02 15:57 - 2012-08-08 22:36 - 00037392 ____N () C:\Program Files\Cyberlink\Shared files\RichVideops.dll
2014-08-21 18:20 - 2014-08-21 18:20 - 00278016 _____ () C:\Program Files\Synergy\synergyd.exe
2012-09-13 00:38 - 2012-09-13 00:38 - 00264040 _____ () C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2013-11-08 00:38 - 2012-02-29 00:23 - 00051200 _____ () C:\Program Files\Classic Menu for Office\armaccess.dll
2014-11-11 08:27 - 2014-11-11 08:27 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-11-18 01:45 - 2014-11-18 01:45 - 16840880 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll
2013-10-23 15:11 - 2013-10-23 15:11 - 00866056 _____ () C:\Program Files\CyberLink\PowerDirector12\runtime\misc\UNO.dll
2014-09-25 15:45 - 2014-09-25 15:45 - 01659352 _____ () C:\Program Files\CyberLink\PowerDirector12\Language\ENU\PDrt.dll
2012-08-01 12:07 - 2012-08-01 12:07 - 00249344 _____ () C:\Program Files\CyberLink\PowerDirector12\runtime\mediacache\libebml.dll
2012-08-01 12:07 - 2012-08-01 12:07 - 00548352 _____ () C:\Program Files\CyberLink\PowerDirector12\runtime\mediacache\libmatroska.dll
2013-07-18 22:24 - 2013-07-18 22:24 - 00165848 _____ () C:\Program Files\CyberLink\PowerDirector12\CLVistaAudioMixer.dll
2013-09-17 15:40 - 2013-09-17 15:40 - 00196360 _____ () C:\Program Files\CyberLink\PowerDirector12\HanumanCache.dll
2013-08-15 14:28 - 2013-08-15 14:28 - 00082432 ____N () C:\Program Files\CyberLink\Shared files\PlugIn\NewBlue\NewBlue_PlugIn_VideoEssentials2Bundle.dll
2013-08-15 14:28 - 2013-08-15 14:28 - 19355136 ____N () C:\Program Files\CyberLink\Shared files\PlugIn\NewBlue\NewBlueVideoEssentials2Bundle.dll
2013-08-15 14:32 - 2013-08-15 14:32 - 00403456 ____N () C:\Program Files\CyberLink\Shared files\PlugIn\NewBlue\NewBlueResourcesNew32.dll
2013-08-15 14:32 - 2013-08-15 14:32 - 00082432 ____N () C:\Program Files\CyberLink\Shared files\PlugIn\NewBlue\NewBlue_PlugIn_VideoEssentials3Bundle.dll
2013-08-15 14:33 - 2013-08-15 14:33 - 20718592 ____N () C:\Program Files\CyberLink\Shared files\PlugIn\NewBlue\NewBlueVideoEssentials3Bundle.dll
2013-08-15 14:24 - 2013-08-15 14:24 - 00082432 ____N () C:\Program Files\CyberLink\Shared files\PlugIn\NewBlue\NewBlue_PlugIn_VideoEssentialsBundle.dll
2014-06-24 18:52 - 2014-06-24 18:52 - 01878792 _____ () C:\Program Files\CyberLink\PowerDirector12\runtime\authoring\AuroraU.dll
2013-07-18 22:24 - 2013-07-18 22:24 - 00018392 _____ () C:\Program Files\CyberLink\PowerDirector12\CESdlls\S3Dutility.dll
2012-02-20 19:38 - 2012-02-20 19:38 - 00208659 _____ () C:\Program Files\Win7codecs\filters\avutil-lav-51.dll
2012-02-20 19:38 - 2012-02-20 19:38 - 06426793 _____ () C:\Program Files\Win7codecs\filters\avcodec-lav-54.dll
2012-02-20 19:38 - 2012-02-20 19:38 - 00369109 _____ () C:\Program Files\Win7codecs\filters\swscale-lav-2.dll
2012-02-20 19:38 - 2012-02-20 19:38 - 00142647 _____ () C:\Program Files\Win7codecs\filters\avfilter-lav-2.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:A5C00DEE
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AJTBBNQOH => 3
MSCONFIG\Services: DXDXHUUIPT => 3
MSCONFIG\Services: ESZIRRKTB => 3
MSCONFIG\Services: GHEXLJESSYJZJFFD => 3
MSCONFIG\Services: GIFNPEGD => 3
MSCONFIG\Services: HNFOEA => 3
MSCONFIG\Services: IPYGNV => 3
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: YBYFGZAO => 3
MSCONFIG\startupfolder: C:^Users^Administrator^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\Windows\pss\Send to OneNote.lnk.Startup
========================= Accounts: ==========================
Administrator (S-1-5-21-2411852452-117403543-12125213-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-2411852452-117403543-12125213-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2411852452-117403543-12125213-1025 - Limited - Enabled)
test (S-1-5-21-2411852452-117403543-12125213-1023 - Administrator - Enabled) => C:\Users\test
UpdatusUser (S-1-5-21-2411852452-117403543-12125213-1026 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/29/2014 00:52:59 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/27/2014 07:34:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/27/2014 07:06:12 PM) (Source: MsiInstaller) (EventID: 10005) (User: KHAN)
Description: Product: AT&T Labs' Natural Voices - Audrey 16k 1.4 (Desktop) -- The operating system is not adequate for running AT&T Labs' Natural Voices - Audrey 16k 1.4 (Desktop).
Error: (11/26/2014 11:37:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program RogueKiller.exe version 10.0.8.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 14268
Start Time: 01d0097dc274d97b
Termination Time: 0
Application Path: C:\Users\Administrator\Desktop\RogueKiller.exe
Report Id:
Error: (11/26/2014 05:57:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.9600.17344 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 11e90
Start Time: 01d0094e67c7da57
Termination Time: 0
Application Path: C:\Program Files\Internet Explorer\iexplore.exe
Report Id:
Error: (11/26/2014 04:10:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program RogueKiller.exe version 10.0.8.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 10670
Start Time: 01d0093d90c12ed3
Termination Time: 0
Application Path: C:\Users\Administrator\Desktop\RogueKiller.exe
Report Id:
Error: (11/26/2014 03:55:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program RogueKiller.exe version 10.0.8.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 103dc
Start Time: 01d0093b32a92e6f
Termination Time: 16
Application Path: C:\Users\Administrator\Desktop\RogueKiller.exe
Report Id:
Error: (11/26/2014 02:20:33 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/25/2014 00:12:21 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (11/23/2014 01:13:46 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
System errors:
=============
Error: (11/29/2014 11:12:52 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
hcov
Error: (11/29/2014 11:12:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WebcamMax, WDM Video Capture service failed to start due to the following error:
%%1058
Error: (11/29/2014 10:15:41 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
Error: (11/27/2014 09:09:27 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
Error: (11/27/2014 09:09:26 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
hcov
Error: (11/27/2014 09:09:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WebcamMax, WDM Video Capture service failed to start due to the following error:
%%1058
Error: (11/27/2014 09:08:27 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:53:04 AM on 11/27/2014 was unexpected.
Error: (11/27/2014 08:37:24 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
Error: (11/27/2014 08:36:54 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
Error: (11/27/2014 08:36:24 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
Microsoft Office Sessions:
=========================
Error: (08/29/2013 01:42:27 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: 0Microsoft Office Word12.0.6668.500012.0.6612.1000496960
Error: (07/29/2013 04:20:52 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: 3Microsoft Office PowerPoint12.0.6600.100012.0.6612.100028941320
Error: (05/23/2013 05:51:14 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: 0Microsoft Office Word12.0.6668.500012.0.6612.100069484080
Error: (11/07/2012 05:42:45 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: 0Microsoft Office Word12.0.4518.101412.0.4518.101423820
Error: (11/05/2012 07:02:20 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: 0Microsoft Office Word12.0.4518.101412.0.4518.10142594585760
Error: (07/30/2012 11:03:44 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: 0Microsoft Office Word12.0.6661.500012.0.6612.1000375300
Error: (07/14/2012 04:56:05 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: 0Microsoft Office Word12.0.6661.500012.0.6612.1000690403180
Error: (06/06/2012 10:13:04 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: 1Microsoft Office Excel12.0.6661.500012.0.6612.1000470
Error: (02/02/2012 10:09:29 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: 0Microsoft Office Word12.0.4518.101412.0.4518.1014648300
CodeIntegrity Errors:
===================================
Date: 2014-10-15 04:12:37.713
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db\bcrypt.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-15 04:12:37.653
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db\bcrypt.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-15 04:12:37.593
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db\bcrypt.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-15 04:12:37.503
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_ee8c936cef65a88f\bcrypt.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-15 04:12:37.443
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_ee8c936cef65a88f\bcrypt.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-15 04:12:37.383
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_ee8c936cef65a88f\bcrypt.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-15 04:12:37.143
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6000.16386_none_ec55d170f27a97bb\bcrypt.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-15 04:12:37.083
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6000.16386_none_ec55d170f27a97bb\bcrypt.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-15 04:12:37.023
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6000.16386_none_ec55d170f27a97bb\bcrypt.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-15 04:09:02.485
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_6f8d0e60c043c672\Win32_Tpm.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core2 Duo CPU E6750 @ 2.66GHz
Percentage of memory in use: 54%
Total physical RAM: 3070.49 MB
Available physical RAM: 1393.17 MB
Total Pagefile: 6139.27 MB
Available Pagefile: 3254.84 MB
Total Virtual: 2047.88 MB
Available Virtual: 1903.09 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:168 GB) (Free:50.94 GB) NTFS
Drive d: (Local Disk) (Fixed) (Total:130.09 GB) (Free:42.39 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (1TERA_10GB) (Fixed) (Total:931.51 GB) (Free:375.51 GB) NTFS
Drive g: (320D500GB) (Fixed) (Total:465.76 GB) (Free:216.51 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: BFBBC8F1)
Partition 1: (Active) - (Size=130.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=168 GB) - (Type=OF Extended)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 33091F32)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: A4FE0168)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================