Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-11-2014 01
Ran by Steve (administrator) on JUICEBOX on 24-11-2014 14:02:56
Running from C:\Users\Steve\Desktop
Loaded Profiles: Steve & (Available profiles: Steve)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Proximity Sensor\HPPRXSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\Program Files (x86)\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
() C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\Program Files (x86)\Intel\Intel® Smart Connect Technology Agent\iSCTHIDMonitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\loggingserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
() C:\Program Files (x86)\Intel\Intel® Smart Connect Technology Agent\iSCTHIDMonitor.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
() C:\SWSetup\envyTouchPad.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Dropbox, Inc.) C:\Users\Steve\AppData\Roaming\Dropbox\bin\Dropbox.exe
(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
() C:\Program Files (x86)\Stronghold AntiMalware\StrongholdAntiMalwareService.exe
(Security Stronghold) C:\Program Files (x86)\Stronghold AntiMalware\StrongholdAntiMalware.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Users\Steve\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Steve\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Steve\AppData\Local\Google\Chrome\Application\chrome.exe
(www.shadowexplorer.com) C:\Program Files (x86)\ShadowExplorer\sesvc.exe
(Google Inc.) C:\Users\Steve\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\ndp40-kb2894842-v2-x64.exe
(Microsoft Corporation) C:\be50540fa4c9b71bcc4510583a4dd6\Setup.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2538280 2010-12-22] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-08-16] (IDT, Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281312 2014-05-19] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2014-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-18] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-12] (Microsoft Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3060248 2014-11-12] ()
HKLM-x32\...\Run: [Stronghold AntiMalware] => C:\Program Files (x86)\Stronghold AntiMalware\StrongholdAntiMalware.exe [6645760 2014-11-20] (Security Stronghold)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-198695108-46086056-2637541285-1000\...\Run: [envyTouchPad] => C:\SWSetup\envyTouchPad.exe [402944 2012-02-21] ()
HKU\S-1-5-21-198695108-46086056-2637541285-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [envyTouchPad] => C:\SWSetup\envyTouchPad.exe [402944 2012-02-21] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
Startup: C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Steve\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
Startup: C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Windows\System32\schtasks.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-198695108-46086056-2637541285-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x33D6FCDE8CF0CC01
HKU\S-1-5-21-198695108-46086056-2637541285-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-au
HKU\S-1-5-21-198695108-46086056-2637541285-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKU\S-1-5-21-198695108-46086056-2637541285-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
HKU\S-1-5-21-198695108-46086056-2637541285-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x33D6FCDE8CF0CC01
HKU\S-1-5-21-198695108-46086056-2637541285-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-au
HKU\S-1-5-21-198695108-46086056-2637541285-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-198695108-46086056-2637541285-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-198695108-46086056-2637541285-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={4752A213-58B6-4B45-A0AA-A35B6D7702BC}&mid=8e477dc3434f47d2b313591a688d3399-7f093292fda9df0aba40e47bebefbcc492afc6fb&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-12 17:35:52&v=4.0.0.19&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: No Name -> {87E5A7FC-7DF1-60A4-9231-F5E8EDAA944D} -> No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.10\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{672DB036-8108-4C04-A361-45DC475DD300}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{9A5DAFD6-2117-4700-8035-4DD20160E9E3}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FireFox:
========
FF ProfilePath: C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\3ncg7upl.default
FF Homepage: about:home
FF SelectedSearchEngine: Google
FF NewTab: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.10\\npsitesafety.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-198695108-46086056-2637541285-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Steve\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-198695108-46086056-2637541285-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Steve\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-198695108-46086056-2637541285-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\Steve\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-198695108-46086056-2637541285-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\Steve\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR Profile: C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-02]
CHR Extension: (Google Docs) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-02]
CHR Extension: (Google Drive) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-11]
CHR Extension: (YouTube) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-02]
CHR Extension: (chrometheme) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmcjefhelakcgphlgkfebcahbpdbhdpo [2012-11-22]
CHR Extension: (Google Search) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-02]
CHR Extension: (Google Calendar) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2012-03-13]
CHR Extension: (Google Sheets) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-02]
CHR Extension: (Cargo Bridge) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn [2012-02-23]
CHR Extension: (Google Wallet) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-02]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR StartMenuInternet: Google Chrome - C:\Users\Steve\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 fpsdhcp; C:\Program Files (x86)\Flying Pig Systems\Hog4PC\netservices-win32-golden.exe [412768 2014-02-09] (High End Systems)
S3 fpstftp; C:\Program Files (x86)\Flying Pig Systems\Hog4PC\netservices-win32-golden.exe [412768 2014-02-09] (High End Systems)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-26] (Hewlett-Packard Company) [File not signed]
R2 HPPRXSVC; C:\Program Files (x86)\Hewlett-Packard\HP Proximity Sensor\HPPRXSVC.exe [37432 2011-10-04] (Hewlett-Packard Development Company, L.P.)
R2 ISCTAgent; C:\Program Files (x86)\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [93696 2011-09-05] ()
R2 LaCieDesktopManagerService; C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe [1227776 2012-04-11] () [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-25] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-13] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-13] (Hewlett-Packard) [File not signed]
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [27872 2014-05-19] (Samsung Electronics Co., Ltd.)
R2 ServiceSAM; C:\Program Files (x86)\Stronghold AntiMalware\StrongholdAntiMalwareService.exe [3054504 2014-11-13] ()
R2 sesvc; C:\Program Files (x86)\ShadowExplorer\sesvc.exe [9216 2013-01-02] (www.shadowexplorer.com) [File not signed]
R2 vToolbarUpdater18.1.10; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe [1849368 2014-11-12] (AVG Secure Search)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-25] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 automap; C:\Windows\System32\DRIVERS\automap.sys [18776 2012-04-18] (Focusrite Audio Engineering Limited)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [263960 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-11-12] (AVG Technologies)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2011-09-05] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
S3 NvnUsbAudio; C:\Windows\System32\DRIVERS\nvnusbaudio.sys [53080 2011-10-04] (Novation DMS Ltd.)
S3 OXSDIDRV_x64; C:\Windows\System32\DRIVERS\OXSDIDRV_x64.sys [51760 2009-09-27] ()
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [265952 2014-05-19] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111328 2014-05-19] (Samsung Electronics Co., Ltd.)
S0 TPkd; No ImagePath
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [103224 2009-12-02] (WIBU-SYSTEMS AG)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [35344 2012-02-27] ()
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-24 14:02 - 2014-11-24 14:03 - 00027925 _____ () C:\Users\Steve\Desktop\FRST.txt
2014-11-24 14:01 - 2014-11-24 14:01 - 02744965 _____ () C:\Users\Steve\Downloads\idtool.zip
2014-11-24 13:59 - 2014-11-24 13:59 - 00000000 ____D () C:\be50540fa4c9b71bcc4510583a4dd6
2014-11-24 13:34 - 2014-11-24 13:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-24 13:28 - 2014-11-24 13:32 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-24 13:23 - 2014-11-24 13:23 - 00000000 ____D () C:\Users\Steve\Desktop\recovery
2014-11-24 13:21 - 2014-11-24 13:21 - 00000000 ____D () C:\Users\Steve\AppData\Roaming\www.shadowexplorer.com
2014-11-24 13:21 - 2014-11-24 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShadowExplorer
2014-11-24 13:21 - 2014-11-24 13:21 - 00000000 ____D () C:\Program Files (x86)\ShadowExplorer
2014-11-24 13:19 - 2014-11-24 13:19 - 00001251 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Repair.lnk
2014-11-24 13:19 - 2014-11-24 13:19 - 00000000 ____D () C:\Users\Steve\AppData\Roaming\GlarySoft
2014-11-24 13:19 - 2014-11-24 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2014-11-24 13:19 - 2014-11-24 13:19 - 00000000 ____D () C:\Program Files (x86)\Glarysoft
2014-11-24 13:18 - 2014-11-24 13:18 - 00007458 _____ () C:\Users\Steve\Desktop\JRT.txt
2014-11-24 13:15 - 2014-11-24 13:15 - 03437489 _____ (NathanScott Apps) C:\Users\Steve\Downloads\TorrentUnlocker (2).exe
2014-11-24 13:14 - 2014-11-24 13:14 - 00969845 _____ (ShadowExplorer.com ) C:\Users\Steve\Downloads\ShadowExplorer-0.9-setup (1).exe
2014-11-24 13:13 - 2014-11-24 13:13 - 00969845 _____ (ShadowExplorer.com ) C:\Users\Steve\Downloads\ShadowExplorer-0.9-setup.exe
2014-11-24 13:12 - 2014-11-24 13:12 - 04514392 _____ () C:\Users\Steve\Downloads\rrsetup.exe
2014-11-24 13:12 - 2014-06-30 16:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-11-24 13:12 - 2014-06-30 16:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-11-24 13:12 - 2014-06-06 00:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-11-24 13:12 - 2014-06-06 00:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-11-24 13:12 - 2014-03-09 15:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-11-24 13:12 - 2014-03-09 15:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-11-24 13:12 - 2014-03-09 15:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-11-24 13:12 - 2014-03-09 15:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-11-24 13:08 - 2014-11-24 13:08 - 00000000 ____D () C:\Windows\ERUNT
2014-11-24 13:00 - 2014-11-24 13:00 - 00036138 _____ () C:\Users\Steve\Downloads\Addition.txt
2014-11-24 12:59 - 2014-11-24 14:02 - 00000000 ____D () C:\FRST
2014-11-24 12:57 - 2014-11-24 12:57 - 02118144 _____ (Farbar) C:\Users\Steve\Desktop\FRST64.exe
2014-11-24 12:57 - 2014-11-24 12:57 - 01707532 _____ (Thisisu) C:\Users\Steve\Downloads\JRT.exe
2014-11-24 12:51 - 2014-11-24 13:51 - 00000000 ____D () C:\Users\Public\Documents\Stronghold AntiMalware
2014-11-24 12:51 - 2014-11-24 12:51 - 06437360 _____ (Security Stronghold ) C:\Users\Steve\Downloads\StrongholdAntiMalware.exe
2014-11-24 12:51 - 2014-11-24 12:51 - 00001304 _____ () C:\Users\Steve\Desktop\Stronghold AntiMalware.lnk
2014-11-24 12:51 - 2014-11-24 12:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stronghold AntiMalware
2014-11-24 12:51 - 2014-11-24 12:51 - 00000000 ____D () C:\Program Files (x86)\Stronghold AntiMalware
2014-11-24 08:51 - 2014-11-24 08:51 - 00205745 _____ () C:\ProgramData\1416840197.bdinstall.bin
2014-11-24 08:46 - 2014-11-24 08:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2014-11-24 08:46 - 2013-04-17 14:59 - 00718840 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-11-24 08:46 - 2013-04-17 14:59 - 00593144 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-11-24 08:46 - 2012-11-02 14:17 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-11-24 08:45 - 2014-11-24 08:46 - 00000000 ____D () C:\Program Files\Bitdefender
2014-11-24 08:43 - 2014-11-24 08:46 - 00000000 ____D () C:\Users\Steve\AppData\Roaming\QuickScan
2014-11-24 08:43 - 2014-11-24 08:43 - 10447328 _____ () C:\Users\Steve\Downloads\Antivirus_Free_Edition_x64.exe
2014-11-24 08:43 - 2014-11-24 08:43 - 00162208 _____ () C:\Users\Steve\Downloads\Antivirus_Free_Edition.exe
2014-11-24 08:43 - 2013-05-28 12:12 - 00382536 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-11-24 08:43 - 2013-04-22 13:21 - 00148696 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-11-24 08:36 - 2014-11-24 08:36 - 04446072 _____ () C:\Users\Steve\Downloads\Decryptolocker.exe
2014-11-24 08:09 - 2014-11-24 08:09 - 00088977 _____ () C:\Users\Steve\Downloads\1314ExpenseSpreadsheet.xlsx
2014-11-24 08:00 - 2014-11-24 08:00 - 00000000 ____D () C:\Users\Steve\AppData\Local\TorrentUnlocker
2014-11-24 07:58 - 2014-11-24 07:58 - 03437489 _____ (NathanScott Apps) C:\Users\Steve\Downloads\TorrentUnlocker (1).exe
2014-11-24 07:54 - 2014-11-24 07:54 - 03437489 _____ (NathanScott Apps) C:\Users\Steve\Downloads\TorrentUnlocker.exe
2014-11-24 07:43 - 2014-11-24 12:49 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-24 07:43 - 2014-11-24 07:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-24 07:43 - 2014-11-24 07:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-24 07:43 - 2014-11-24 07:43 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-24 07:43 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-24 07:43 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-24 07:43 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-24 07:41 - 2014-11-24 07:42 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Steve\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-24 07:39 - 2014-11-24 08:40 - 00000000 ____D () C:\NPE
2014-11-24 07:38 - 2014-11-24 08:46 - 00000000 ____D () C:\Users\Steve\AppData\Local\NPE
2014-11-24 07:38 - 2014-11-24 07:38 - 03060320 ____N (Symantec Corporation) C:\Users\Steve\Downloads\NPE.exe
2014-11-24 07:38 - 2014-11-24 07:38 - 00000000 ____D () C:\ProgramData\Norton
2014-11-23 19:16 - 2014-11-23 19:16 - 00000000 _____ () C:\autoexec.bat
2014-11-23 19:15 - 2014-11-23 19:15 - 02998656 _____ (Enigma Software Group USA, LLC.) C:\Users\Steve\Downloads\SpyHunter-Installer.exe
2014-11-23 19:09 - 2014-11-23 19:09 - 00006730 _____ () C:\Users\Steve\Downloads\DECRYPT_INSTRUCTIONS.html
2014-11-23 19:09 - 2014-11-23 19:09 - 00006730 _____ () C:\Users\Steve\Documents\DECRYPT_INSTRUCTIONS.html
2014-11-23 19:08 - 2014-11-23 19:08 - 00000000 ____D () C:\ProgramData\imefegaficekykix
2014-11-20 14:49 - 2014-11-20 14:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_umupload_01_09_00.Wdf
2014-11-19 22:23 - 2014-11-19 22:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-11-16 16:07 - 2014-11-23 19:09 - 00262107 _____ () C:\Users\Steve\Downloads\penid_498903881101.zip.encrypted
2014-11-12 17:36 - 2014-11-13 12:13 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-11-12 17:36 - 2014-11-12 22:02 - 00000000 ____D () C:\Users\Steve\AppData\Local\AVG Web TuneUp
2014-11-12 17:36 - 2014-11-12 17:36 - 00000561 _____ () C:\Windows\SysWOW64\debug.log
2014-11-12 17:35 - 2014-11-12 17:36 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2014-11-12 17:35 - 2014-11-12 17:35 - 00050976 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-11-12 17:35 - 2014-11-12 17:35 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-11-12 17:35 - 2014-11-12 17:35 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2014-11-12 17:26 - 2014-11-12 17:26 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-11-12 17:26 - 2014-11-12 17:26 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-11-12 17:25 - 2014-11-23 19:09 - 02555553 _____ () C:\Users\Steve\Downloads\barbanegrariders.zip.encrypted
2014-10-29 21:35 - 2014-10-29 21:35 - 00263960 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-10-28 20:13 - 2014-11-23 19:09 - 00028162 _____ () C:\Users\Steve\Downloads\SP_MAC700Profile_EN_D.pdf.encrypted
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-24 14:03 - 2012-02-22 07:22 - 00905430 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-11-24 14:03 - 2009-07-13 23:13 - 00905430 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-24 14:02 - 2014-10-23 11:14 - 04012982 _____ (NathanScott Apps) C:\Users\Steve\Desktop\IDTool.exe
2014-11-24 13:59 - 2012-02-21 23:51 - 01187587 _____ () C:\Windows\WindowsUpdate.log
2014-11-24 13:58 - 2012-02-22 07:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-24 13:57 - 2012-02-21 05:00 - 00000000 ____D () C:\Users\Steve
2014-11-24 13:50 - 2013-08-20 20:36 - 00000000 ____D () C:\Users\Steve\Desktop\TAX
2014-11-24 13:42 - 2009-07-13 20:34 - 00000594 _____ () C:\Windows\win.ini
2014-11-24 13:34 - 2013-04-17 05:30 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-11-24 13:34 - 2013-04-17 05:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-11-24 12:58 - 2013-03-02 21:46 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-24 12:55 - 2009-07-13 22:45 - 00019520 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-24 12:55 - 2009-07-13 22:45 - 00019520 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-24 12:52 - 2012-04-18 21:48 - 00000000 ___RD () C:\Users\Steve\Dropbox
2014-11-24 12:52 - 2012-04-18 21:24 - 00000000 ____D () C:\Users\Steve\AppData\Roaming\Dropbox
2014-11-24 12:49 - 2012-02-21 06:41 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-198695108-46086056-2637541285-1000UA.job
2014-11-24 12:48 - 2014-09-19 20:45 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForSteve
2014-11-24 12:48 - 2014-09-19 20:45 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForSteve.job
2014-11-24 09:05 - 2014-10-14 03:31 - 00008240 _____ () C:\Windows\setupact.log
2014-11-24 09:05 - 2012-12-02 21:34 - 00000015 _____ () C:\Windows\system32\deviceAppeared.txt
2014-11-24 09:05 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-24 08:52 - 2014-10-07 19:26 - 00000000 ____D () C:\LIGHTCONVERSE_
2014-11-24 08:39 - 2012-02-21 19:33 - 08621502 _____ () C:\Windows\PFRO.log
2014-11-24 08:24 - 2014-10-06 02:39 - 00000000 ____D () C:\ProgramData\MFAData
2014-11-24 08:02 - 2009-07-13 21:20 - 00000000 __RSD () C:\Windows\Media
2014-11-23 19:09 - 2014-10-22 00:24 - 00000000 ____D () C:\Users\Steve\Downloads\PARKWAY
2014-11-23 19:09 - 2014-10-22 00:21 - 36127566 _____ () C:\Users\Steve\Downloads\PARKWAY.zip.encrypted
2014-11-23 19:09 - 2014-10-15 19:32 - 00000372 _____ () C:\Users\Steve\Downloads\3047797117 (1).csv.encrypted
2014-11-23 19:09 - 2014-10-14 23:08 - 00045795 _____ () C:\Users\Steve\Downloads\MagicPanel_602_dmx_chart_v1.pdf.encrypted
2014-11-23 19:09 - 2014-10-14 19:42 - 00169491 _____ () C:\Users\Steve\Downloads\SP_AtomicColors_EN_A.pdf.encrypted
2014-11-23 19:09 - 2014-10-14 19:41 - 00065525 _____ () C:\Users\Steve\Downloads\download (2).pdf.encrypted
2014-11-23 19:09 - 2014-10-14 19:41 - 00065525 _____ () C:\Users\Steve\Downloads\download (1).pdf.encrypted
2014-11-23 19:09 - 2014-10-13 19:07 - 07978160 _____ () C:\Users\Steve\Downloads\light_converse_user_manual.pdf.encrypted
2014-11-23 19:09 - 2014-10-06 02:45 - 626165328 _____ () C:\Users\Steve\Downloads\Guitar_Rig_5_520_PC.zip.encrypted
2014-11-23 19:09 - 2014-10-01 22:44 - 162481958 _____ () C:\Users\Steve\Downloads\clonezilla-live-20140915-trusty-amd64.zip.encrypted
2014-11-23 19:09 - 2014-10-01 22:26 - 00000000 ____D () C:\Users\Steve\Downloads\Macrium
2014-11-23 19:09 - 2014-10-01 22:13 - 16123645 _____ () C:\Users\Steve\Downloads\Samsung_Magician_Setup_v44.zip.encrypted
2014-11-23 19:09 - 2014-10-01 22:13 - 12041213 _____ () C:\Users\Steve\Downloads\Samsung_Data_Migration_Setup_v27.zip.encrypted
2014-11-23 19:09 - 2014-09-30 19:52 - 00004374 _____ () C:\Users\Steve\Downloads\GavanWoodruff.pdf.encrypted
2014-11-23 19:09 - 2014-09-23 23:32 - 04363393 _____ () C:\Users\Steve\Downloads\X32-Edit_V2.3_PC.zip.encrypted
2014-11-23 19:09 - 2014-09-18 21:25 - 00000000 ____D () C:\Users\Steve\Downloads\legal-documents-for-web-designers
2014-11-23 19:09 - 2014-09-18 21:22 - 00899563 _____ () C:\Users\Steve\Downloads\legal-documents-for-web-designers.zip.encrypted
2014-11-23 19:09 - 2014-09-18 21:17 - 00050952 _____ () C:\Users\Steve\Downloads\licence_to_publish.doc.encrypted
2014-11-23 19:09 - 2014-09-18 21:14 - 00037128 _____ () C:\Users\Steve\Downloads\Bcontract.doc.encrypted
2014-11-23 19:09 - 2014-09-18 21:11 - 00179836 _____ () C:\Users\Steve\Downloads\assigning-licensing-rights-g0.pdf.encrypted
2014-11-23 19:09 - 2014-09-16 08:22 - 00088435 _____ () C:\Users\Steve\Downloads\helvetica-neue-thin.zip.encrypted
2014-11-23 19:09 - 2014-06-08 11:12 - 02462564 _____ () C:\Users\Steve\Downloads\toughpar-quadra-user-manual-rev-e-.pdf.encrypted
2014-11-23 19:09 - 2014-06-08 11:11 - 01455185 _____ () C:\Users\Steve\Downloads\Impression 120RZ WWC-CCW Manual V1.14 EN.pdf.encrypted
2014-11-23 19:09 - 2014-06-08 11:10 - 00413655 _____ () C:\Users\Steve\Downloads\Impression 120RZ WWC-CCW DMX V1.03 EN.pdf.encrypted
2014-11-23 19:09 - 2014-06-08 11:07 - 00285704 _____ () C:\Users\Steve\Downloads\toughpar-quadra-user-manual-rev-a.pdf.encrypted
2014-11-23 19:09 - 2014-05-22 21:10 - 00000000 ____D () C:\Users\Steve\Downloads\bebas-neue
2014-11-23 19:09 - 2014-05-22 20:51 - 00021140 _____ () C:\Users\Steve\Downloads\bebas-neue.zip.encrypted
2014-11-23 19:09 - 2014-05-18 23:42 - 00083208 _____ () C:\Users\Steve\Downloads\Chassis Specifications.doc.encrypted
2014-11-23 19:09 - 2014-03-24 18:49 - 00194564 _____ () C:\Users\Steve\Downloads\SCREENS MAPS.zip.encrypted
2014-11-23 19:09 - 2014-03-18 21:51 - 00000567 _____ () C:\Users\Steve\Downloads\more coming soon.rtf.encrypted
2014-11-23 19:09 - 2014-03-18 21:39 - 00000659 _____ () C:\Users\Steve\Downloads\logo notes.rtf.encrypted
2014-11-23 19:09 - 2014-03-12 22:29 - 01038088 _____ () C:\Users\Steve\Downloads\Birds of Tokyo Short General Bio - Sept 2013.doc.encrypted
2014-11-23 19:09 - 2014-02-08 03:00 - 00198920 _____ () C:\Users\Steve\Downloads\permissions_guidelines.doc.encrypted
2014-11-23 19:09 - 2014-02-08 02:48 - 00027400 _____ () C:\Users\Steve\Downloads\Photograph & Video Release Form.doc.encrypted
2014-11-23 19:09 - 2014-02-04 06:08 - 00130163 _____ () C:\Users\Steve\Downloads\Itinerary_189296.pdf.encrypted
2014-11-23 19:09 - 2014-01-30 00:20 - 00000372 _____ () C:\Users\Steve\Downloads\3047797117.csv.encrypted
2014-11-23 19:09 - 2014-01-25 01:35 - 00041286 _____ () C:\Users\Steve\Documents\OZ FEST SET.docx.encrypted
2014-11-23 19:09 - 2013-12-22 23:34 - 00356239 _____ () C:\Users\Steve\Downloads\payment-3571533505.pdf.encrypted
2014-11-23 19:09 - 2013-11-12 05:27 - 00043244 _____ () C:\Users\Steve\Downloads\tonyfransen.pdf.encrypted
2014-11-23 19:09 - 2013-11-12 05:25 - 00105743 _____ () C:\Users\Steve\Downloads\matthewsmith.pdf.encrypted
2014-11-23 19:09 - 2013-11-06 02:51 - 00207269 _____ () C:\Users\Steve\Downloads\mph_led_balls_brochure (2).pdf.encrypted
2014-11-23 19:09 - 2013-11-05 22:46 - 00207269 _____ () C:\Users\Steve\Downloads\mph_led_balls_brochure (1).pdf.encrypted
2014-11-23 19:09 - 2013-11-04 03:16 - 00002050 _____ () C:\Users\Steve\Downloads\DeerHunter2014.xml.encrypted
2014-11-23 19:09 - 2013-10-31 21:59 - 00207269 _____ () C:\Users\Steve\Downloads\mph_led_balls_brochure.pdf.encrypted
2014-11-23 19:09 - 2013-10-05 22:05 - 03013380 _____ () C:\Users\Steve\Downloads\20128910739362.rar.encrypted
2014-11-23 19:09 - 2013-10-03 20:58 - 00062102 _____ () C:\Users\Steve\Downloads\Tax Invoice.pdf.encrypted
2014-11-23 19:09 - 2013-09-08 23:22 - 52397671 _____ () C:\Users\Steve\Downloads\COVER AND POSTER .zip.encrypted
2014-11-23 19:09 - 2013-08-30 05:26 - 00085768 _____ () C:\Users\Steve\Downloads\simple_vat_cash.xls.encrypted
2014-11-23 19:09 - 2013-08-30 04:35 - 00214751 _____ () C:\Users\Steve\Downloads\AMIN-Tax-Pack (1).pdf.encrypted
2014-11-23 19:09 - 2013-08-30 04:35 - 00037253 _____ () C:\Users\Steve\Downloads\Common+Deductions (1).pdf.encrypted
2014-11-23 19:09 - 2013-08-27 00:58 - 00179976 _____ () C:\Users\Steve\Downloads\BoT ARIA Schedule.doc.encrypted
2014-11-23 19:09 - 2013-08-26 23:25 - 00083990 _____ () C:\Users\Steve\Downloads\Mr Steven Granville 11 Sep 2009 HBAMEL.zip.encrypted
2014-11-23 19:09 - 2013-08-26 22:35 - 00113633 _____ () C:\Users\Steve\Downloads\CAC001-00001I-V001.pdf.encrypted
2014-11-23 19:09 - 2013-08-26 19:58 - 00003923 _____ () C:\Users\Steve\Downloads\Download.pdf.encrypted
2014-11-23 19:09 - 2013-08-20 22:36 - 00302344 _____ () C:\Users\Steve\Downloads\sbv-financial-statements.xls.encrypted
2014-11-23 19:09 - 2013-08-20 21:10 - 00088264 _____ () C:\Users\Steve\Downloads\AnnualExpenseSpreadsheetVisual Artists.xlsx.encrypted
2014-11-23 19:09 - 2013-08-20 20:35 - 00019720 _____ () C:\Users\Steve\Downloads\INCOME~1.XLS.encrypted
2014-11-23 19:09 - 2013-08-20 20:31 - 00088161 _____ () C:\Users\Steve\Downloads\AnnualExpenseSpreadsheetMusicians.xlsx.encrypted
2014-11-23 19:09 - 2013-08-20 20:31 - 00019548 _____ () C:\Users\Steve\Downloads\MusiciansExpenseWorksheet.xlsx.encrypted
2014-11-23 19:09 - 2013-08-20 01:16 - 00589059 _____ () C:\Users\Steve\Downloads\td2012-017c1 (1).pdf.encrypted
2014-11-23 19:09 - 2013-08-18 22:30 - 00020763 _____ () C:\Users\Steve\Downloads\BUS00335807n11027_emp.pdf.encrypted
2014-11-23 19:09 - 2013-08-18 22:29 - 00020562 _____ () C:\Users\Steve\Downloads\BUS00335807n11027-dec.pdf.encrypted
2014-11-23 19:09 - 2013-08-18 22:13 - 00589058 _____ () C:\Users\Steve\Downloads\td2012-017c1.pdf.encrypted
2014-11-23 19:09 - 2013-08-18 22:06 - 00037253 _____ () C:\Users\Steve\Downloads\Common+Deductions.pdf.encrypted
2014-11-23 19:09 - 2013-08-18 22:05 - 00038167 _____ () C:\Users\Steve\Downloads\Microsoft+Word+-+FBT+entertainment+summary+table+2011+mk2.pdf.encrypted
2014-11-23 19:09 - 2013-08-18 22:00 - 00214751 _____ () C:\Users\Steve\Downloads\AMIN-Tax-Pack.pdf.encrypted
2014-11-23 19:09 - 2013-08-18 21:20 - 00654955 _____ () C:\Users\Steve\Downloads\bus76494nat30290511.pdf.encrypted
2014-11-23 19:09 - 2013-07-18 19:03 - 00078706 _____ () C:\Users\Steve\Downloads\LC Plus Series.pdf.encrypted
2014-11-23 19:09 - 2013-07-16 02:05 - 00008740 _____ () C:\Users\Steve\Downloads\metal_presets_mazur.rar.encrypted
2014-11-23 19:09 - 2013-06-26 04:00 - 00123397 _____ () C:\Users\Steve\Downloads\tech_specs.pdf.encrypted
2014-11-23 19:09 - 2013-06-25 21:23 - 00179681 _____ () C:\Users\Steve\Downloads\Little Prince FOH.pdf.encrypted
2014-11-23 19:09 - 2013-06-25 21:23 - 00141763 _____ () C:\Users\Steve\Downloads\Little Prince Hang Sheets.pdf.encrypted
2014-11-23 19:09 - 2013-06-08 00:30 - 01813072 _____ () C:\Users\Steve\Downloads\gala_event.pdf.encrypted
2014-11-23 19:09 - 2013-06-07 02:07 - 00022680 _____ () C:\Users\Steve\Downloads\touchosc.zip.encrypted
2014-11-23 19:09 - 2013-06-04 19:08 - 00619784 _____ () C:\Users\Steve\Downloads\touring_HighEnd.xls.encrypted
2014-11-23 19:09 - 2013-04-22 01:09 - 00075345 _____ () C:\Users\Steve\Downloads\HD42_FD42.pdf.encrypted
2014-11-23 19:09 - 2013-04-17 04:21 - 00414267 _____ () C:\Users\Steve\Downloads\mph_trackspotbolt.pdf.encrypted
2014-11-23 19:09 - 2013-02-19 03:33 - 00114252 _____ () C:\Users\Steve\Downloads\Impression X4 DMX 1 01 EN (3).pdf.encrypted
2014-11-23 19:09 - 2013-02-19 02:52 - 01542457 _____ () C:\Users\Steve\Downloads\Impression X4 DMX Pattern Appendix A V1 01 EN_01.pdf.encrypted
2014-11-23 19:09 - 2013-02-18 04:51 - 00000659 _____ () C:\Users\Steve\Downloads\Notes (1).rtf.encrypted
2014-11-23 19:09 - 2013-02-18 04:11 - 00000700 _____ () C:\Users\Steve\Downloads\Notes.rtf.encrypted
2014-11-23 19:09 - 2013-02-17 21:15 - 00114252 _____ () C:\Users\Steve\Downloads\Impression X4 DMX 1 01 EN (2).pdf.encrypted
2014-11-23 19:09 - 2013-02-13 06:20 - 06114541 _____ () C:\Users\Steve\Downloads\AlphaSpotHPE700_Manuale_Rev.2_(02.11)_IT.pdf.encrypted
2014-11-23 19:09 - 2013-02-13 06:17 - 01488401 _____ () C:\Users\Steve\Downloads\AlphaSpotHPE700_DmxChannels_Rev.2_(02.11).pdf.encrypted
2014-11-23 19:09 - 2013-01-16 21:07 - 01500751 _____ () C:\Users\Steve\Downloads\Impression 120RZ RGB Manual V1.5 EN.pdf.encrypted
2014-11-23 19:09 - 2013-01-15 22:56 - 00114252 _____ () C:\Users\Steve\Downloads\Impression X4 DMX 1 01 EN (1).pdf.encrypted
2014-11-23 19:09 - 2013-01-15 22:46 - 00114252 _____ () C:\Users\Steve\Downloads\Impression X4 DMX 1 01 EN.pdf.encrypted
2014-11-23 19:09 - 2013-01-02 22:08 - 00047048 _____ () C:\Users\Steve\Downloads\C002528-00001Q-V001.pdf.encrypted
2014-11-23 19:09 - 2012-12-29 09:44 - 01523174 _____ () C:\Users\Steve\Downloads\jarag userguide_revD_full_eng.pdf.encrypted
2014-11-23 19:09 - 2012-12-25 20:17 - 00000000 ____D () C:\Users\Steve\Documents\PDF Compressor Output
2014-11-23 19:08 - 2014-10-09 19:32 - 00000000 ____D () C:\Users\Steve\Desktop\PWD EUROPE
2014-11-23 19:08 - 2014-10-09 05:01 - 00000000 ____D () C:\Users\Steve\Desktop\lights
2014-11-23 19:08 - 2014-06-30 04:29 - 00000000 ____D () C:\Users\Steve\Desktop\JBT
2014-11-23 19:08 - 2014-06-23 12:11 - 00000000 ____D () C:\Users\Steve\Desktop\Amity 2014
2014-11-23 19:08 - 2014-05-21 16:49 - 00000426 ____H () C:\Users\Steve\Desktop\~$T setlist temp.docx.encrypted
2014-11-23 19:08 - 2014-05-08 06:58 - 00000000 ____D () C:\Users\Steve\Desktop\usa advance
2014-11-23 19:08 - 2014-04-18 03:55 - 00000426 ____H () C:\Users\Steve\Desktop\~$UESFEST MOJO PATCH.docx.encrypted
2014-11-23 19:08 - 2014-02-19 01:51 - 00000000 ____D () C:\Users\Steve\Desktop\BOT US PROMO
2014-11-23 19:08 - 2014-01-21 00:10 - 00219985 _____ () C:\Users\Steve\Documents\BIRDS OF TOKYO_WHEATSTONE FREIGHT_2014.pdf.encrypted
2014-11-23 19:08 - 2013-10-17 17:22 - 00011569 _____ () C:\Users\Steve\Documents\AMITY INPUTS.xlsx.encrypted
2014-11-23 19:08 - 2013-01-10 21:38 - 00000426 ____H () C:\Users\Steve\Desktop\~$rds Of Tokyo - Audio Requirements - MarchFires.docx.encrypted
2014-11-23 19:08 - 2013-01-10 06:14 - 00000426 ____H () C:\Users\Steve\Desktop\~$rds Of Tokyo - MarchFires Tour - Visuals.docx.encrypted
2014-11-23 19:08 - 2013-01-06 19:30 - 00000426 ____H () C:\Users\Steve\Desktop\~$rch setlist.docx.encrypted
2014-11-23 19:08 - 2012-08-02 03:58 - 00000000 ____D () C:\SETUP
2014-11-23 19:08 - 2012-08-02 03:58 - 00000000 ____D () C:\LIBRARY
2014-11-23 18:44 - 2012-02-21 06:41 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-198695108-46086056-2637541285-1000Core.job
2014-11-21 12:16 - 2012-04-18 21:29 - 00000000 ____D () C:\Users\Steve\AppData\Roaming\Skype
2014-11-19 22:23 - 2014-04-28 15:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-19 22:23 - 2012-04-18 21:29 - 00000000 ____D () C:\ProgramData\Skype
2014-11-19 22:07 - 2012-02-22 01:01 - 00000000 ____D () C:\Users\Steve\AppData\Roaming\vlc
2014-11-19 17:36 - 2012-02-21 06:41 - 00003882 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-198695108-46086056-2637541285-1000UA
2014-11-19 17:36 - 2012-02-21 06:41 - 00003486 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-198695108-46086056-2637541285-1000Core
2014-11-16 16:05 - 2012-04-18 21:25 - 00000000 ____D () C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-14 12:34 - 2014-10-06 02:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-11-08 11:09 - 2012-02-23 23:05 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-11-08 11:08 - 2012-03-16 20:52 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-10-31 23:26 - 2012-02-21 06:03 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Some content of TEMP:
====================
C:\Users\Steve\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwrwwde.dll
C:\Users\Steve\AppData\Local\Temp\GUR7E69.exe
C:\Users\Steve\AppData\Local\Temp\libtar.dll
C:\Users\Steve\AppData\Local\Temp\ose00000.exe
C:\Users\Steve\AppData\Local\Temp\QtCore470.dll
C:\Users\Steve\AppData\Local\Temp\Tsu82A9705F.dll
C:\Users\Steve\AppData\Local\Temp\zlibwapi.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-19 16:57
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2014 01
Ran by Steve at 2014-11-24 14:03:43
Running from C:\Users\Steve\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-198695108-46086056-2637541285-1000\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-198695108-46086056-2637541285-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{BE882A12-5A45-3DFF-9FD0-306DE65EB8A5}) (Version: 3.0.859.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArKaos MediaMaster 3.2.2 (HKLM-x32\...\{DCAB622A-8D47-47FB-95DE-6043D77FB5DD}) (Version: 1.00.0000 - ArKaos)
ArKaos VJ 3.6.5 beta 4 (HKLM-x32\...\{77F4739D-13F3-4899-9ECF-631D020FF144}) (Version: 3.6.5 beta 4 - )
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.)
Automap 4.7 (HKLM\...\Automap Universal_is1) (Version: 4.7 - Focusrite Audio Engineering Ltd.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5577 - AVG Technologies)
AVG 2015 (Version: 15.0.4223 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5577 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.0.0.19 - AVG Technologies)
AVS Video Converter 8.5 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 8.5.1.551 - Online Media Technologies Ltd.)
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Inkjet Printer Driver Add-On Module (HKLM\...\CANONIJINBOXADDON100) (Version: - )
Canon iP90 Setup Utility (HKLM-x32\...\Canon iP90 Setup Utility) (Version: - )
Charles 3.8.3 (HKLM\...\{5CE7E4F6-039B-4A30-9F0E-A0FF90F1A018}) (Version: 3.8.3.3 - XK72 Ltd)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DMX-PRO Manager 1.14 (HKLM-x32\...\DMX-PRO Manager) (Version: - )
Dropbox (HKU\S-1-5-21-198695108-46086056-2637541285-1000\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-198695108-46086056-2637541285-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Foxit PDF Editor (HKLM-x32\...\Foxit PDF Editor) (Version: 2.2.1.1119 - Foxit Corporation)
Google Chrome (HKU\S-1-5-21-198695108-46086056-2637541285-1000\...\Google Chrome) (Version: 39.0.2171.65 - Google Inc.)
Google Chrome (HKU\S-1-5-21-198695108-46086056-2637541285-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Google Chrome) (Version: 39.0.2171.65 - Google Inc.)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hog Connectivity 2.4.0.805 (HKLM-x32\...\{FD9FD2CC-50DB-4911-828A-6F9BED388968}) (Version: 2.4.0.805 - High End Systems)
Hog2PC 3.4.3.160 (HKLM-x32\...\{96BE30F4-D29C-4304-BD1C-B7B7D147FCDE}) (Version: 3.4.3.160 - High End Systems)
Hog3PC 3.2.6.3434 (HKLM-x32\...\{9A950BA4-060E-4F7A-94ED-8F4D759C58FA}) (Version: 3.2.6.3434 - High End Systems)
Hog4PC 2.1.2.565 (HKLM-x32\...\{5C6C8E9F-638C-4AFF-B6B3-0C59F14CC14F}) (Version: 2.1.2.565 - High End Systems)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Photosmart Wireless B109n-z All-in-One Driver 14.0 Rel. 6 (HKLM\...\{79A72AAD-7ED4-49D8-872D-D1465061F9DB}) (Version: 14.0 - HP)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Proximity Sensor Utility (HKLM-x32\...\{BE208C2E-A46A-426F-B2B8-CE8BEF9DB24D}) (Version: 1.0.18 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6359.0 - IDT)
IK Multimedia Authorization Manager version 1.0.9 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.9 - IK Multimedia)
Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{2ABA2E8D-23CF-418F-BC8F-2EC99FA51A3F}) (Version: 1.2.1.0608 - Intel Corporation)
Intel® Smart Connect Technology 1.0 (HKLM-x32\...\{0A918A9E-74F2-41CB-969F-FB0CB9A51DD8}) (Version: 1.0.698.0 - Intel)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{E2D0B67F-8032-4E11-87C6-C8C721D331B3}) (Version: 15.01.0500.0903 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.670 - Oracle)
Java 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
LaCie Desktop Manager 1.4.5 (HKLM\...\{3845209F-142E-4F48-B61A-AA34D2DB54BB}_is1) (Version: 1.4.5 - LaCie)
LIGHTCONVERSE #56 (HKLM-x32\...\LIGHTCONVERSE_is1) (Version: - LIGHTCONVERSE)
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version: - )
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0080-0409-0000-0000000FF1CE}) (Version: 14.0.6106.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.1.2 - Mozilla)
Mozilla Thunderbird 31.2.0 (x86 en-GB) (HKLM-x32\...\Mozilla Thunderbird 31.2.0 (x86 en-GB)) (Version: 31.2.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
PS_AIO_06_B109n-z_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RAPID Mode (Version: 1.0.1.68 - Samsung Electronics Co., Ltd.) Hidden
Registry Repair 5.0.1.62 (HKLM-x32\...\Registry Repair) (Version: 5.0.1.62 - Glarysoft Ltd)
RemoteComms driver (HKLM-x32\...\{43BEEE26-01A8-4EEE-8632-2353261E3B55}) (Version: 1.25.0000 - Oxford Semiconductor)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.0 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.4.0 - Samsung Electronics)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
ShadowExplorer 0.9 (HKLM-x32\...\ShadowExplorer_is1) (Version: 0.9.462.0 - ShadowExplorer.com)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Stronghold AntiMalware (HKLM-x32\...\Stronghold AntiMalware_is1) (Version: 1.0 - Security Stronghold)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.7.0 - Synaptics Incorporated)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
T-RackS CS version 4.2.1 (HKLM\...\{E931EBCC-55F9-4D67-BA0E-D57C4A893A44}_is1) (Version: 4.2.1 - IK Multimedia)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.00b of 2011-Jan-12 (Build 132) (Setup) - WIBU-SYSTEMS AG)
Windows Driver Package - FTDI CDM Driver Package (02/17/2009 2.04.16) (HKLM\...\2DC0AA065FA83047D7ECD51C7000C1620D79A4C5) (Version: 02/17/2009 2.04.16 - FTDI)
Windows Driver Package - FTDI CDM Driver Package (02/17/2009 2.04.16) (HKLM\...\51A4D522DD31538335EF5736F0E7F588C70BCB12) (Version: 02/17/2009 2.04.16 - FTDI)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
YTD Video Downloader 4.8.2 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.2 - GreenTree Applications SRL) <==== ATTENTION
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-198695108-46086056-2637541285-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Steve\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-198695108-46086056-2637541285-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Steve\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-198695108-46086056-2637541285-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Steve\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-198695108-46086056-2637541285-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Steve\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-198695108-46086056-2637541285-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Steve\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-198695108-46086056-2637541285-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Steve\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-198695108-46086056-2637541285-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Steve\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-198695108-46086056-2637541285-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Steve\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-198695108-46086056-2637541285-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Steve\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-198695108-46086056-2637541285-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Steve\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-198695108-46086056-2637541285-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Steve\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-198695108-46086056-2637541285-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Steve\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-198695108-46086056-2637541285-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Steve\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-198695108-46086056-2637541285-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Steve\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-198695108-46086056-2637541285-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Steve\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
13-11-2014 02:24:35 Scheduled Checkpoint
24-11-2014 07:06:11 Scheduled Checkpoint
24-11-2014 14:46:08 Norton_Power_Eraser_20141124084607237
24-11-2014 19:11:31 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {015E4A66-4F83-4216-B595-ED73DBB3A20D} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {039A2155-1CBE-4C76-B7CB-A8163C6FAD9A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-198695108-46086056-2637541285-1000UA => C:\Users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {0ED21926-373A-4BFF-ADF4-D04083ADB5E0} - System32\Tasks\{29871B12-4D39-476A-9B88-12DEEA9C28D4} => msiexec.exe /package "C:\Users\Steve\Downloads\Capture Polar 2.11.22.msi"
Task: {167B8355-A14A-4A74-BFCF-DF0CE5E730F2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {17596A4E-6FDA-475E-9237-B7CEDF710077} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {25413FB2-D3C8-4A4C-A937-6955D2AE4B3C} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-05-19] (Samsung Electronics.)
Task: {266EEA9B-E598-42B0-ADBB-BE2A3E6FC9B1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {3C59C13E-2550-43F8-B58A-C4E9102F0857} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {562F35FC-5970-4AE0-9400-CB315F1449A0} - System32\Tasks\{1AA998EB-F274-4383-89A6-02A5DD942883} => msiexec.exe /package "C:\Users\Steve\Downloads\Capture Polar 2.11.22.msi"
Task: {97A07120-A2CD-488C-8D18-8C0F9C4C44B7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-198695108-46086056-2637541285-1000Core => C:\Users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {D4A52A66-132D-4347-A16B-48C9A3424AE3} - System32\Tasks\HPCeeScheduleForSteve => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {DE088267-0E60-4847-BA84-48F2DA641652} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-26] (Hewlett-Packard Company)
Task: {F056961A-D086-445E-A834-ABED0E1629B6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-26] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-198695108-46086056-2637541285-1000Core.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-198695108-46086056-2637541285-1000UA.job => ?
Task: C:\Windows\Tasks\HPCeeScheduleForSteve.job => ?
==================== Loaded Modules (whitelisted) =============
2014-11-24 08:46 - 2013-03-19 12:07 - 00696632 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2014-11-24 08:46 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2011-09-05 18:48 - 2011-09-05 18:48 - 00093696 _____ () C:\Program Files (x86)\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2012-12-02 21:33 - 2012-04-11 21:51 - 01227776 _____ () C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe
2011-09-05 18:48 - 2011-09-05 18:48 - 00026112 _____ () C:\Program Files (x86)\Intel\Intel® Smart Connect Technology Agent\ISCTHidMonitor.exe
2014-11-12 17:35 - 2014-11-12 17:35 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\loggingserver.exe
2012-02-21 04:07 - 2011-08-09 09:44 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-02-21 19:31 - 2010-12-22 03:17 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2012-02-21 19:31 - 2012-02-21 19:31 - 00402944 _____ () C:\SWSetup\envyTouchPad.exe
2014-11-24 12:51 - 2014-11-13 10:17 - 03054504 _____ () C:\Program Files (x86)\Stronghold AntiMalware\StrongholdAntiMalwareService.exe
2011-03-16 07:07 - 2011-03-16 07:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-19 22:23 - 2010-10-19 22:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2012-02-22 06:43 - 2012-02-17 03:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2014-04-23 17:05 - 2014-04-23 17:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 17:04 - 2014-04-23 17:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-09-05 18:48 - 2011-09-05 18:48 - 00036352 _____ () C:\Program Files (x86)\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2014-11-12 17:35 - 2014-11-12 17:35 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\log4cplusU.dll
2011-03-16 07:11 - 2011-03-16 07:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-19 22:45 - 2010-10-19 22:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-10-02 01:06 - 2014-05-06 12:24 - 00013824 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2014-10-02 01:06 - 2014-05-19 21:20 - 00103424 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\PAL.dll
2014-10-02 01:06 - 2014-05-19 21:20 - 00039424 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SATA.dll
2014-10-02 01:06 - 2014-05-19 21:19 - 00038400 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAT.dll
2014-10-02 01:06 - 2014-05-19 21:20 - 00031232 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SMINI.dll
2014-10-02 01:06 - 2014-05-19 21:19 - 00029696 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAS.dll
2012-02-21 19:31 - 2010-12-22 03:17 - 00066856 _____ () C:\Windows\SysWOW64\SynTPEnhPS.dll
2014-11-24 12:48 - 2014-11-24 12:48 - 00043008 _____ () c:\users\steve\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwrwwde.dll
2013-08-23 13:01 - 2013-08-23 13:01 - 25100288 _____ () C:\Users\Steve\AppData\Roaming\Dropbox\bin\libcef.dll
2014-11-12 17:35 - 2014-11-12 17:35 - 01685528 _____ () C:\Program Files (x86)\AVG Web TuneUp\TBAPI.dll
2014-10-14 21:11 - 2014-10-14 21:11 - 03339376 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-10-14 21:11 - 2014-10-14 21:11 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-10-14 21:11 - 2014-10-14 21:11 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-11-24 07:43 - 2014-11-14 15:15 - 01077064 _____ () C:\Users\Steve\AppData\Local\Google\Chrome\Application\39.0.2171.65\libglesv2.dll
2014-11-24 07:43 - 2014-11-14 15:15 - 00211272 _____ () C:\Users\Steve\AppData\Local\Google\Chrome\Application\39.0.2171.65\libegl.dll
2014-11-24 07:43 - 2014-11-14 15:15 - 09009480 _____ () C:\Users\Steve\AppData\Local\Google\Chrome\Application\39.0.2171.65\pdf.dll
2014-11-24 07:43 - 2014-11-14 15:15 - 01677128 _____ () C:\Users\Steve\AppData\Local\Google\Chrome\Application\39.0.2171.65\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Steve\Desktop\FRST64.exe:BDU
AlternateDataStreams: C:\Users\Steve\Downloads\JRT.exe:BDU
AlternateDataStreams: C:\Users\Steve\Downloads\rrsetup.exe:BDU
AlternateDataStreams: C:\Users\Steve\Downloads\ShadowExplorer-0.9-setup (1).exe:BDU
AlternateDataStreams: C:\Users\Steve\Downloads\ShadowExplorer-0.9-setup.exe:BDU
AlternateDataStreams: C:\Users\Steve\Downloads\StrongholdAntiMalware.exe:BDU
AlternateDataStreams: C:\Users\Steve\Downloads\TorrentUnlocker (2).exe:BDU
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-198695108-46086056-2637541285-500 - Administrator - Disabled)
Guest (S-1-5-21-198695108-46086056-2637541285-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-198695108-46086056-2637541285-1002 - Limited - Enabled)
Steve (S-1-5-21-198695108-46086056-2637541285-1000 - Administrator - Enabled) => C:\Users\Steve
==================== Faulty Device Manager Devices =============
Name: Photosmart Wireless B109n-z
Description: Photosmart Wireless B109n-z
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Photosmart 7510 series
Description: Photosmart 7510 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Photosmart Wireless B109n-z
Description: Photosmart Wireless B109n-z
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/24/2014 02:01:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 23.11.2014.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 2470
Start Time: 01d008215601552a
Termination Time: 4
Application Path: C:\Users\Steve\Downloads\FRST64.exe
Report Id:
Error: (11/24/2014 01:54:25 PM) (Source: MsiInstaller) (EventID: 11500) (User: JuiceBox)
Description: Product: Microsoft .NET Framework 4 Client Profile -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.
Error: (11/24/2014 01:34:58 PM) (Source: MsiInstaller) (EventID: 1023) (User: JuiceBox)
Description: Product: Microsoft Silverlight - Update 'Microsoft Silverlight 5.1.30514.0' could not be installed. Error code 1603. Additional information is available in the log file C:\Users\Steve\AppData\Local\Temp\SilverlightMSI.log.
Error: (11/24/2014 01:34:56 PM) (Source: MsiInstaller) (EventID: 11406) (User: JuiceBox)
Description: Product: Microsoft Silverlight -- Error 1406. Could not write value to key \Software\Classes\Interface\{EE38D0F1-5AE3-408C-A6BF-8410E645F376}. System error . Verify that you have sufficient access to that key, or contact your support personnel.
System errors:
=============
Error: (11/24/2014 01:35:03 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Silverlight (KB2977218).
Microsoft Office Sessions:
=========================
Error: (11/24/2014 02:01:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe23.11.2014.1247001d008215601552a4C:\Users\Steve\Downloads\FRST64.exe
Error: (11/24/2014 01:54:25 PM) (Source: MsiInstaller) (EventID: 11500) (User: JuiceBox)
Description: Product: Microsoft .NET Framework 4 Client Profile -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (11/24/2014 01:34:58 PM) (Source: MsiInstaller) (EventID: 1023) (User: JuiceBox)
Description: Microsoft SilverlightMicrosoft Silverlight 5.1.30514.01603C:\Users\Steve\AppData\Local\Temp\SilverlightMSI.log(NULL)(NULL)
Error: (11/24/2014 01:34:56 PM) (Source: MsiInstaller) (EventID: 11406) (User: JuiceBox)
Description: Product: Microsoft Silverlight -- Error 1406. Could not write value to key \Software\Classes\Interface\{EE38D0F1-5AE3-408C-A6BF-8410E645F376}. System error . Verify that you have sufficient access to that key, or contact your support personnel.(NULL)(NULL)(NULL)(NULL)(NULL)
CodeIntegrity Errors:
===================================
Date: 2014-11-24 13:08:22.829
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-11-24 13:08:22.729
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-11-24 13:08:22.632
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appidapi.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-11-24 13:08:22.517
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appid.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-11-24 13:08:22.418
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appid.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-11-24 13:08:22.324
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_b3bab697e502a956\appid.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 68%
Total physical RAM: 16331.86 MB
Available physical RAM: 5206.89 MB
Total Pagefile: 24469.04 MB
Available Pagefile: 12123.48 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:429.9 GB) (Free:239.4 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:34.47 GB) (Free:17.25 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.08 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0523FFD2)
Partition 1: (Active) - (Size=1.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=429.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=34.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=88 MB) - (Type=0C)
==================== End Of Log ============================
Infection Detection Tool v1.6 - Nathan Scott
--------------------------------------------
Date/Time: 24/11/2014 2:08:51 PM
Operating System: Windows 7
Service Pack: Service Pack 1
Version Number: 6.1
Product Type: Workstation
--------------------------------------------
[Detected Flags]
1.| Possible TorrentLocker Flag , C:\Users\Steve\Pictures\A221AFB4711C4372D4C1375EAA7EEA9D.jpg.encrypted
2.| Possible TorrentLocker Flag , C:\Users\Steve\Pictures\DECRYPT_INSTRUCTIONS.html