
PC hangs on shutdown and many other times


1 reply to this topic

#1 centaurcoach

Posted 02 December 2014 - 05:48 PM

Problem may have originated from audible.com subscription and iTunes involvement, but not sure. Safe mode is the only way I could have completed these scans or posted this message. Computer is nearly unusable otherwise. Please help.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-12-2014
Ran by JBH (administrator) on LLANO2012 on 02-12-2014 18:24:03
Running from C:\Users\JBH\Desktop
Loaded Profile: JBH (Available profiles: JBH)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Farbar) C:\Users\JBH\Desktop\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11831400 2011-04-21] (Realtek Semiconductor)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-03-25] (Lenovo)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1275608 2014-03-25] (COMODO)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-12-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-20] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3722793996-1674335959-776591757-1001\...\Run: [Akamai NetSession Interface] => C:\Users\JBH\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3722793996-1674335959-776591757-1001\...\Run: [SetupWizard] => F:\SetupWizard.exe reboot
HKU\S-1-5-21-3722793996-1674335959-776591757-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-3722793996-1674335959-776591757-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-3722793996-1674335959-776591757-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
AppInit_DLLs: C:\Windows\System32\guard64.dll => C:\Windows\System32\guard64.dll [453680 2014-03-25] (COMODO)
AppInit_DLLs-x32: C:\Windows\SysWOW64\guard32.dll => C:\Windows\SysWOW64\guard32.dll [363504 2014-03-25] (COMODO)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\JBH\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\JBH\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\JBH\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\JBH\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll ()
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\JBH\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\JBH\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\JBH\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3722793996-1674335959-776591757-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-3722793996-1674335959-776591757-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKU\S-1-5-21-3722793996-1674335959-776591757-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3722793996-1674335959-776591757-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3722793996-1674335959-776591757-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3722793996-1674335959-776591757-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3722793996-1674335959-776591757-1001 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yah...}&fr=chr-comodo
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKU\S-1-5-21-3722793996-1674335959-776591757-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.m...ent/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{6156732B-ABFC-41D3-9628-1A5665D65B9E}: [NameServer] 156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{87044CB9-528E-4244-B4DA-CC39EC19C7DB}: [NameServer] 156.154.70.22,156.154.71.22

FireFox:
========
FF ProfilePath: C:\Users\JBH\AppData\Roaming\Mozilla\Firefox\Profiles\luee5eq8.default
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.com/
FF Keyword.URL: hxxp://us.search.yahoo.com/search?fr=ytff-comodo&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Facebook Translate - C:\Users\JBH\AppData\Roaming\Mozilla\Firefox\Profiles\luee5eq8.default\Extensions\facebook-translate@oliver.schloebe.de [2014-04-05]
FF Extension: iCloud Bookmarks - C:\Users\JBH\AppData\Roaming\Mozilla\Firefox\Profiles\luee5eq8.default\Extensions\firefoxdav@icloud.com [2014-11-14]
FF Extension: NetVideoHunter - C:\Users\JBH\AppData\Roaming\Mozilla\Firefox\Profiles\luee5eq8.default\Extensions\netvideohunter@netvideohunter.com [2014-07-31]
FF Extension: Gmelius - C:\Users\JBH\AppData\Roaming\Mozilla\Firefox\Profiles\luee5eq8.default\Extensions\gmailadsremover@florian.bersier.xpi [2012-07-10]
FF Extension: NoSquint - C:\Users\JBH\AppData\Roaming\Mozilla\Firefox\Profiles\luee5eq8.default\Extensions\nosquint@urandom.ca.xpi [2012-06-02]
FF Extension: Zotero - C:\Users\JBH\AppData\Roaming\Mozilla\Firefox\Profiles\luee5eq8.default\Extensions\zotero@chnm.gmu.edu.xpi [2013-04-02]
FF Extension: New Tab Homepage - C:\Users\JBH\AppData\Roaming\Mozilla\Firefox\Profiles\luee5eq8.default\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2012-07-31]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-11-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-04-18]
FF Extension: No Name - wrc@avast.com [Not Found]

Chrome:
=======
CHR Profile: C:\Users\JBH\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\JBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-13]
CHR Extension: (Google Docs) - C:\Users\JBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-13]
CHR Extension: (Google Drive) - C:\Users\JBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-13]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\JBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-13]
CHR Extension: (YouTube) - C:\Users\JBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-13]
CHR Extension: (Google Search) - C:\Users\JBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-13]
CHR Extension: (Google Sheets) - C:\Users\JBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-13]
CHR Extension: (Avast Online Security) - C:\Users\JBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-13]
CHR Extension: (Google Wallet) - C:\Users\JBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-13]
CHR Extension: (Gmail) - C:\Users\JBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-12]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-12-15] (Advanced Micro Devices, Inc.) [File not signed]
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-12] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-12] (Avast Software)
S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6817544 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO)
S3 CVShell Service; C:\Program Files (x86)\ACD Systems\Canvas 12\CVShellSrv.exe [257400 2010-12-23] (ACD Systems of America Inc.)
S2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2370240 2014-11-27] (Comodo Security Solutions, Inc.)
S2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [239680 2014-02-19] (Foxit Corporation)
S2 RaMediaServer; C:\Program Files (x86)\Ralink\RT2860 Wireless LAN Card\ExtraFiles\RaMediaServer.exe [454656 2010-05-19] () [File not signed]
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [10208256 2011-12-14] (ATI Technologies Inc.) [File not signed]
S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [317952 2011-12-14] (Advanced Micro Devices, Inc.) [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-12] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-12] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-12] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-21] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-12] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-12] (AVAST Software)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-04-16] (COMODO)
S1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [738472 2014-04-16] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2014-04-16] (COMODO)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105552 2014-04-16] (COMODO)
S3 S6000KNT; C:\Windows\System32\Drivers\S6000KNT.sys [3293272 2010-12-23] (Windows ® Win 7 DDK provider)
S3 aswVmm; \??\C:\Users\JBH\AppData\Local\Temp\aswVmm.sys [X]
U3 BcmSqlStartupSvc; No ImagePath
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
U2 DriverService; No ImagePath
U2 IAStorDataMgrSvc; No ImagePath
U2 iATAgentService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 nvUpdatusService; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerService; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SeaPort; No ImagePath
U2 SoftwareService; No ImagePath
U3 SQLWriter; No ImagePath
U3 aswMBR; \??\C:\Users\JBH\AppData\Local\Temp\aswMBR.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-02 18:24 - 2014-12-02 18:24 - 00023082 _____ () C:\Users\JBH\Desktop\FRST.txt
2014-12-02 18:23 - 2014-12-02 18:24 - 00000000 ____D () C:\FRST
2014-12-02 16:10 - 2014-12-02 18:23 - 00000000 ____D () C:\Users\JBH\Desktop\aswMBR
2014-12-02 16:07 - 2014-12-02 16:08 - 02117120 _____ (Farbar) C:\Users\JBH\Desktop\FRST64(1).exe
2014-12-02 15:28 - 2014-12-02 18:23 - 00000000 ____D () C:\Users\JBH\Desktop\Farbar
2014-12-02 15:21 - 2014-12-02 15:23 - 02117120 _____ (Farbar) C:\Users\JBH\Downloads\FRST64.exe
2014-12-02 10:19 - 2014-12-02 10:20 - 05198336 _____ (AVAST Software) C:\Users\JBH\Desktop\aswMBR.exe
2014-12-02 09:44 - 2014-12-02 09:44 - 00000330 _____ () C:\windows\PFRO.log
2014-12-02 08:27 - 2014-11-12 10:26 - 00364512 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-12-02 07:48 - 2014-12-02 08:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-01 23:59 - 2014-12-02 07:28 - 00000000 ____D () C:\Program Files (x86)\iPodder
2014-12-01 23:59 - 2014-12-01 23:59 - 00000000 ____D () C:\Users\JBH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iPodder
2014-12-01 23:59 - 2014-12-01 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPodder
2014-12-01 09:59 - 2014-12-02 09:57 - 00000327 _____ () C:\windows\setupact.log
2014-12-01 09:59 - 2014-12-01 09:59 - 00000000 _____ () C:\windows\setuperr.log
2014-11-30 22:46 - 2014-11-30 22:47 - 00000000 ____D () C:\Users\JBH\Downloads\Dan Simmons (All Chaptered)
2014-11-30 18:46 - 2014-12-02 08:15 - 00000000 ____D () C:\Users\JBH\Documents\Audible
2014-11-30 18:46 - 2014-11-30 18:46 - 01672880 _____ (Audible, Inc.) C:\Users\JBH\Downloads\AudibleDM_iTunesSetup.exe
2014-11-30 18:46 - 2014-11-30 18:46 - 00000000 ____D () C:\Users\Public\Documents\Audible
2014-11-28 00:22 - 2014-12-02 08:01 - 00000000 ____D () C:\Program Files (x86)\Comodo
2014-11-28 00:22 - 2014-11-28 00:22 - 00048392 _____ (COMODO CA Limited) C:\windows\SysWOW64\certsentry.dll
2014-11-27 08:36 - 2014-12-02 08:13 - 00000000 ___HD () C:\VTRoot
2014-11-27 08:36 - 2014-11-27 08:51 - 00065756 _____ () C:\windows\system32\Drivers\fvstore.dat
2014-11-26 06:06 - 2014-11-26 06:06 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-11-26 05:57 - 2014-11-26 05:57 - 00000000 ____D () C:\Users\JBH\AppData\Roaming\Comodo
2014-11-26 05:56 - 2014-12-02 08:16 - 00000000 ____D () C:\windows\System32\Tasks\COMODO
2014-11-26 05:56 - 2014-11-26 05:56 - 00000000 ____D () C:\ProgramData\Shared Space
2014-11-26 05:56 - 2014-03-25 14:22 - 00352984 _____ (COMODO) C:\windows\system32\cmdvrt64.dll
2014-11-26 05:56 - 2014-03-25 14:22 - 00284888 _____ (COMODO) C:\windows\SysWOW64\cmdvrt32.dll
2014-11-26 05:56 - 2014-03-25 14:22 - 00045784 _____ (COMODO) C:\windows\system32\cmdkbd64.dll
2014-11-26 05:56 - 2014-03-25 14:22 - 00040664 _____ (COMODO) C:\windows\SysWOW64\cmdkbd32.dll
2014-11-19 07:34 - 2014-11-10 22:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-11-19 07:34 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2014-11-19 07:34 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-11-19 07:34 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2014-11-14 22:22 - 2014-12-02 15:48 - 00000000 ____D () C:\Users\JBH\Downloads\Dr Green
2014-11-14 18:39 - 2014-11-21 23:31 - 00000000 ___HD () C:\Users\JBH\Downloads\porn
2014-11-13 19:31 - 2014-12-02 15:36 - 00000892 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-13 19:31 - 2014-12-02 10:58 - 00000888 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-13 19:31 - 2014-12-02 08:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-13 19:31 - 2014-11-13 19:31 - 00003888 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 19:31 - 2014-11-13 19:31 - 00003636 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-13 19:30 - 2014-11-13 19:30 - 00880784 _____ (Google Inc.) C:\Users\JBH\Downloads\ChromeSetup.exe
2014-11-12 18:11 - 2014-11-12 18:11 - 00000000 __SHD () C:\Users\JBH\AppData\Local\EmieBrowserModeList
2014-11-12 10:51 - 2014-11-12 10:51 - 00000247 _____ () C:\windows\system32\2014-11-12-15-51-59.031-aswFe.exe-2260.log
2014-11-12 10:51 - 2014-11-12 10:51 - 00000197 _____ () C:\windows\system32\2014-11-12-15-51-51.003-AvastVBoxSVC.exe-2544.log
2014-11-12 10:33 - 2014-11-12 10:34 - 00000000 ____D () C:\windows\SysWOW64\vbox
2014-11-12 10:33 - 2014-11-12 10:34 - 00000000 ____D () C:\windows\system32\vbox
2014-11-12 10:27 - 2014-12-02 08:28 - 00001964 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-12 10:26 - 2014-11-12 10:26 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-11-12 09:28 - 2014-11-05 12:56 - 00304640 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-11-12 09:28 - 2014-11-05 12:56 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-11-12 09:28 - 2014-11-05 12:52 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-11-12 09:28 - 2014-10-13 21:16 - 00155064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-11-12 09:28 - 2014-10-13 21:13 - 00683520 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-11-12 09:28 - 2014-10-13 21:12 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-11-12 09:28 - 2014-10-13 21:09 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2014-11-12 09:28 - 2014-10-13 21:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-11-12 09:28 - 2014-10-13 20:50 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-11-12 09:28 - 2014-10-13 20:49 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-11-12 09:28 - 2014-10-13 20:47 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2014-11-12 09:28 - 2014-10-13 20:46 - 00681984 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2014-11-12 09:27 - 2014-11-07 14:49 - 00388272 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-11-12 09:27 - 2014-11-07 14:23 - 00341168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-11-12 09:27 - 2014-11-05 23:04 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-11-12 09:27 - 2014-11-05 23:03 - 25110016 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-11-12 09:27 - 2014-11-05 23:03 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-11-12 09:27 - 2014-11-05 22:47 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-11-12 09:27 - 2014-11-05 22:46 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-11-12 09:27 - 2014-11-05 22:46 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-11-12 09:27 - 2014-11-05 22:44 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-11-12 09:27 - 2014-11-05 22:43 - 02884096 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-11-12 09:27 - 2014-11-05 22:36 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-11-12 09:27 - 2014-11-05 22:35 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-11-12 09:27 - 2014-11-05 22:31 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-11-12 09:27 - 2014-11-05 22:30 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-11-12 09:27 - 2014-11-05 22:30 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-11-12 09:27 - 2014-11-05 22:29 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-11-12 09:27 - 2014-11-05 22:28 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-11-12 09:27 - 2014-11-05 22:23 - 06040064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-11-12 09:27 - 2014-11-05 22:20 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-11-12 09:27 - 2014-11-05 22:16 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-11-12 09:27 - 2014-11-05 22:13 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-11-12 09:27 - 2014-11-05 22:13 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-11-12 09:27 - 2014-11-05 22:12 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-11-12 09:27 - 2014-11-05 22:10 - 19781632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-11-12 09:27 - 2014-11-05 22:10 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-11-12 09:27 - 2014-11-05 22:07 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 09:27 - 2014-11-05 22:05 - 02277376 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-11-12 09:27 - 2014-11-05 22:04 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-11-12 09:27 - 2014-11-05 22:03 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-11-12 09:27 - 2014-11-05 22:02 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-11-12 09:27 - 2014-11-05 22:00 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-11-12 09:27 - 2014-11-05 22:00 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-11-12 09:27 - 2014-11-05 21:59 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-11-12 09:27 - 2014-11-05 21:58 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-11-12 09:27 - 2014-11-05 21:57 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-11-12 09:27 - 2014-11-05 21:48 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-11-12 09:27 - 2014-11-05 21:42 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 09:27 - 2014-11-05 21:41 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-11-12 09:27 - 2014-11-05 21:41 - 00716800 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-11-12 09:27 - 2014-11-05 21:39 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-11-12 09:27 - 2014-11-05 21:38 - 02124288 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-11-12 09:27 - 2014-11-05 21:37 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-11-12 09:27 - 2014-11-05 21:36 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-11-12 09:27 - 2014-11-05 21:34 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-11-12 09:27 - 2014-11-05 21:30 - 14390272 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-11-12 09:27 - 2014-11-05 21:22 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-11-12 09:27 - 2014-11-05 21:21 - 04298240 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-11-12 09:27 - 2014-11-05 21:21 - 02051072 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-11-12 09:27 - 2014-11-05 21:20 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-11-12 09:27 - 2014-11-05 21:17 - 02365440 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-11-12 09:27 - 2014-11-05 21:04 - 01550336 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-11-12 09:27 - 2014-11-05 21:03 - 12819456 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-11-12 09:27 - 2014-11-05 20:53 - 00799232 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-11-12 09:27 - 2014-11-05 20:52 - 01892864 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-11-12 09:27 - 2014-11-05 20:48 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-11-12 09:27 - 2014-11-05 20:47 - 00708096 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-11-12 09:27 - 2014-08-21 01:43 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-11-12 09:27 - 2014-08-21 01:40 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-11-12 09:27 - 2014-08-21 01:26 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-11-12 09:27 - 2014-08-21 01:23 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-11-12 09:26 - 2014-10-24 20:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-11-12 09:26 - 2014-10-24 20:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-11-12 09:26 - 2014-10-02 21:12 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-11-12 09:26 - 2014-10-02 21:11 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-11-12 09:26 - 2014-10-02 21:11 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-11-12 09:26 - 2014-10-02 21:11 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-11-12 09:26 - 2014-10-02 21:11 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-11-12 09:26 - 2014-10-02 20:44 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-11-12 09:26 - 2014-10-02 20:44 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-11-12 09:26 - 2014-10-02 20:44 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-11-12 09:26 - 2014-09-19 04:42 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-11-12 09:26 - 2014-09-19 04:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-11-12 09:26 - 2014-09-19 04:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-11-12 09:26 - 2014-09-19 04:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-11-12 09:26 - 2014-09-19 04:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-11-12 09:26 - 2014-09-19 04:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-11-12 09:26 - 2014-09-19 04:23 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-11-12 09:26 - 2014-09-19 04:23 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-11-12 09:26 - 2014-09-19 04:23 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2014-11-12 09:26 - 2014-09-19 04:23 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-11-12 09:26 - 2014-09-19 04:23 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-11-12 09:26 - 2014-09-19 04:23 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-11-12 09:26 - 2014-08-11 21:02 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2014-11-12 09:26 - 2014-08-11 20:36 - 00701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10K.DLL
2014-11-12 09:25 - 2014-10-13 21:13 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-11-12 09:25 - 2014-10-13 20:50 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-11-12 09:25 - 2014-10-09 19:57 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-11-12 09:16 - 2014-10-17 21:05 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2014-11-12 09:16 - 2014-10-17 20:33 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2014-11-10 19:41 - 2014-11-10 19:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-07 23:26 - 2014-11-30 18:50 - 00000000 ____D () C:\Users\JBH\Downloads\New folder
2014-11-05 00:00 - 2014-11-05 00:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-02 15:47 - 2009-07-14 00:13 - 00782470 _____ () C:\windows\system32\PerfStringBackup.INI
2014-12-02 15:43 - 2012-03-25 03:14 - 00654632 _____ () C:\windows\system32\fastboot.set
2014-12-02 15:39 - 2012-03-25 03:13 - 05390556 _____ () C:\FaceProv.log
2014-12-02 15:28 - 2014-05-17 20:39 - 00000000 ____D () C:\Users\JBH\Desktop\Photo Dump 051714
2014-12-02 15:28 - 2013-10-23 06:50 - 00000000 ____D () C:\Users\JBH\Documents\UC
2014-12-02 15:28 - 2012-05-29 15:16 - 00000000 ____D () C:\Users\JBH\Documents\Pdfs
2014-12-02 15:26 - 2009-07-13 23:45 - 00028928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-02 15:26 - 2009-07-13 23:45 - 00028928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-02 15:19 - 2013-07-23 15:28 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-12-02 10:25 - 2012-04-28 20:27 - 00000000 ____D () C:\Users\JBH\AppData\Roaming\vlc
2014-12-02 09:53 - 2013-12-25 23:47 - 01356131 _____ () C:\windows\WindowsUpdate.log
2014-12-02 09:48 - 2012-07-16 07:57 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-12-02 09:45 - 2009-07-14 00:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-12-02 08:24 - 2013-02-18 09:07 - 00000000 ____D () C:\Users\JBH\Documents\Notes
2014-12-02 08:18 - 2012-04-18 22:36 - 00000000 ____D () C:\Users\JBH
2014-12-02 08:16 - 2013-05-13 06:08 - 00000000 ____D () C:\Users\JBH\Documents\FotoMorph Data
2014-12-02 08:16 - 2012-12-19 21:31 - 00000000 ____D () C:\Users\JBH\Documents\Sacrosomatics
2014-12-02 08:16 - 2012-12-10 10:50 - 00000000 ____D () C:\Users\JBH\Documents\Higgins PT
2014-12-02 08:16 - 2012-07-07 22:44 - 00000000 ____D () C:\Users\JBH\Documents\Heilman Chiropractic
2014-12-02 08:16 - 2012-06-23 19:11 - 00000000 ____D () C:\windows\system32\Macromed
2014-12-02 08:16 - 2012-05-29 15:32 - 00000000 ____D () C:\Users\JBH\Documents\WordPressAcademy
2014-12-02 08:16 - 2012-05-29 15:32 - 00000000 ____D () C:\Users\JBH\Documents\Thomas Passananti
2014-12-02 08:16 - 2012-05-29 15:26 - 00000000 ____D () C:\Users\JBH\Documents\Spinal Explorer
2014-12-02 08:16 - 2012-05-29 15:24 - 00000000 ____D () C:\Users\JBH\Documents\Soobie
2014-12-02 08:16 - 2012-05-29 15:18 - 00000000 ____D () C:\Users\JBH\Documents\RPM Juice
2014-12-02 08:16 - 2012-05-29 15:16 - 00000000 ____D () C:\Users\JBH\Documents\Phase customization
2014-12-02 08:16 - 2012-05-29 15:16 - 00000000 ____D () C:\Users\JBH\Documents\Oregon
2014-12-02 08:16 - 2012-05-29 15:15 - 00000000 ___SD () C:\Users\JBH\Documents\My Webs
2014-12-02 08:16 - 2012-05-29 14:55 - 00000000 ____D () C:\Users\JBH\Documents\Mom
2014-12-02 08:16 - 2012-05-29 14:55 - 00000000 ____D () C:\Users\JBH\Documents\Medicinal plants
2014-12-02 08:16 - 2012-05-29 14:55 - 00000000 ____D () C:\Users\JBH\Documents\MARKETING
2014-12-02 08:16 - 2012-05-29 14:55 - 00000000 ____D () C:\Users\JBH\Documents\Maps
2014-12-02 08:16 - 2012-05-29 14:55 - 00000000 ____D () C:\Users\JBH\Documents\Making PVC Didgeridoos_files
2014-12-02 08:16 - 2012-05-29 14:55 - 00000000 ____D () C:\Users\JBH\Documents\Lifestyle Design School
2014-12-02 08:16 - 2012-05-29 14:54 - 00000000 ____D () C:\Users\JBH\Documents\Internet101
2014-12-02 08:16 - 2012-05-29 14:53 - 00000000 ____D () C:\Users\JBH\Documents\INTEGRAL
2014-12-02 08:16 - 2012-05-29 14:52 - 00000000 ____D () C:\Users\JBH\Documents\Image Expert Images
2014-12-02 08:16 - 2012-05-29 14:49 - 00000000 ____D () C:\Users\JBH\Documents\Home Transformations
2014-12-02 08:16 - 2012-05-29 14:49 - 00000000 ____D () C:\Users\JBH\Documents\HigherHealthPathways
2014-12-02 08:16 - 2012-05-29 14:48 - 00000000 ____D () C:\Users\JBH\Documents\Health Eq
2014-12-02 08:16 - 2012-05-29 14:48 - 00000000 ____D () C:\Users\JBH\Documents\Handyman business
2014-12-02 08:16 - 2012-05-29 14:48 - 00000000 ____D () C:\Users\JBH\Documents\Group W
2014-12-02 08:16 - 2012-05-29 14:48 - 00000000 ____D () C:\Users\JBH\Documents\Forms
2014-12-02 08:16 - 2012-05-29 14:48 - 00000000 ____D () C:\Users\JBH\Documents\For Bridget
2014-12-02 08:16 - 2012-05-29 14:47 - 00000000 ___RD () C:\Users\JBH\Documents\Dropbox
2014-12-02 08:16 - 2012-05-29 14:47 - 00000000 ____D () C:\Users\JBH\Documents\Erin and AJ
2014-12-02 08:16 - 2012-05-29 14:47 - 00000000 ____D () C:\Users\JBH\Documents\epson10328
2014-12-02 08:16 - 2012-05-29 14:44 - 00000000 ____D () C:\Users\JBH\Documents\driverback
2014-12-02 08:16 - 2012-05-24 11:45 - 00000000 ____D () C:\Users\JBH\Documents\Receipts
2014-12-02 08:15 - 2014-10-27 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-12-02 08:15 - 2014-10-27 17:59 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-12-02 08:15 - 2014-10-27 17:59 - 00000000 ____D () C:\Program Files\iTunes
2014-12-02 08:15 - 2014-09-05 22:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-02 08:15 - 2014-08-19 14:37 - 00000000 ____D () C:\Users\JBH\AppData\Roaming\uTorrent
2014-12-02 08:15 - 2012-07-04 08:16 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-12-02 08:15 - 2012-06-18 22:15 - 00000000 ____D () C:\Users\JBH\AppData\Roaming\Skype
2014-12-02 08:15 - 2012-05-29 14:44 - 00000000 ____D () C:\Users\JBH\Documents\Dr Heilman Sleep System
2014-12-02 08:15 - 2012-05-29 14:38 - 00000000 ____D () C:\Users\JBH\Documents\Documents By Date
2014-12-02 08:15 - 2012-05-29 14:38 - 00000000 ____D () C:\Users\JBH\Documents\CTS
2014-12-02 08:15 - 2012-05-29 14:38 - 00000000 ____D () C:\Users\JBH\Documents\Correspondence
2014-12-02 08:15 - 2012-05-29 14:36 - 00000000 ____D () C:\Users\JBH\Documents\Come Alive Chiropractic
2014-12-02 08:15 - 2012-05-29 14:36 - 00000000 ____D () C:\Users\JBH\Documents\COLOR
2014-12-02 08:15 - 2012-05-29 14:35 - 00000000 ____D () C:\Users\JBH\Documents\Coaching Business
2014-12-02 08:15 - 2012-05-29 14:35 - 00000000 ____D () C:\Users\JBH\Documents\CLINIC
2014-12-02 08:15 - 2012-05-29 14:35 - 00000000 ____D () C:\Users\JBH\Documents\Chiropractic Self-care.com
2014-12-02 08:15 - 2012-05-29 14:34 - 00000000 ____D () C:\Users\JBH\Documents\Chiropractic
2014-12-02 08:15 - 2012-05-29 14:33 - 00000000 ____D () C:\Users\JBH\Documents\Chinese
2014-12-02 08:15 - 2012-05-29 14:32 - 00000000 ____D () C:\Users\JBH\Documents\CCleaner
2014-12-02 08:15 - 2012-05-29 14:32 - 00000000 ____D () C:\Users\JBH\Documents\Catopia
2014-12-02 08:15 - 2012-05-29 14:32 - 00000000 ____D () C:\Users\JBH\Documents\Canvas files
2014-12-02 08:15 - 2012-05-29 14:32 - 00000000 ____D () C:\Users\JBH\Documents\BodhiWork
2014-12-02 08:15 - 2012-05-29 14:32 - 00000000 ____D () C:\Users\JBH\Documents\Bluehost
2014-12-02 08:15 - 2012-05-29 14:32 - 00000000 ____D () C:\Users\JBH\Documents\Anti Aging Coach
2014-12-02 08:15 - 2012-05-29 14:31 - 00000000 ____D () C:\Users\JBH\Documents\Affiliate
2014-12-02 08:15 - 2012-05-29 14:30 - 00000000 ____D () C:\Users\JBH\Documents\000000
2014-12-02 08:15 - 2012-05-19 06:38 - 00000000 ____D () C:\ProgramData\CyberLink
2014-12-02 08:15 - 2012-04-22 08:37 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-12-02 08:15 - 2012-04-22 08:32 - 00000000 ____D () C:\Users\JBH\Documents\cc backups
2014-12-02 08:15 - 2012-04-20 22:21 - 00000000 ____D () C:\Users\JBH\AppData\Roaming\ArcSoft
2014-12-02 08:15 - 2012-04-20 19:47 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2014-12-02 08:15 - 2012-04-18 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-12-02 08:14 - 2014-10-27 17:59 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-12-02 08:13 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\registration
2014-12-02 08:12 - 2012-06-12 11:05 - 00000000 ____D () C:\Users\JBH\Documents\mohan
2014-12-02 08:12 - 2012-05-31 19:42 - 00000000 ____D () C:\Users\JBH\Documents\Poetry
2014-12-02 08:12 - 2012-05-29 15:26 - 00000000 ____D () C:\Users\JBH\Documents\Teachers
2014-12-02 08:12 - 2012-05-29 15:18 - 00000000 ____D () C:\Users\JBH\Documents\resumes
2014-12-02 08:12 - 2012-05-29 15:15 - 00000000 ____D () C:\Users\JBH\Documents\NLP
2014-12-02 08:12 - 2012-05-29 14:56 - 00000000 ____D () C:\Users\JBH\Documents\My Games
2014-12-02 08:12 - 2012-05-29 14:55 - 00000000 ____D () C:\Users\JBH\Documents\JAMA and other memberships
2014-12-02 08:11 - 2012-05-29 14:53 - 00000000 ____D () C:\Users\JBH\Documents\images
2014-12-02 08:11 - 2012-05-29 14:50 - 00000000 ____D () C:\Users\JBH\Documents\Hypnosis
2014-12-02 08:11 - 2012-05-29 14:49 - 00000000 ____D () C:\Users\JBH\Documents\Homo centaurus
2014-12-02 08:11 - 2012-05-29 14:48 - 00000000 ____D () C:\Users\JBH\Documents\Finance
2014-12-02 08:11 - 2012-05-29 14:47 - 00000000 ____D () C:\Users\JBH\Documents\eFax
2014-12-02 08:11 - 2012-05-29 14:47 - 00000000 ____D () C:\Users\JBH\Documents\EASTGATE
2014-12-02 08:11 - 2012-05-16 07:23 - 00000000 ____D () C:\Users\JBH\Documents\Fax
2014-12-02 08:06 - 2012-05-29 14:38 - 00000000 ____D () C:\Users\JBH\Documents\Credit
2014-12-02 08:06 - 2012-05-29 14:37 - 00000000 ____D () C:\Users\JBH\Documents\CopyWriting
2014-12-02 08:04 - 2013-05-12 22:58 - 00000000 ____D () C:\Users\JBH\Documents\Broom making
2014-12-02 08:04 - 2012-05-29 14:33 - 00000000 ____D () C:\Users\JBH\Documents\Chiro portrait 10-14-05
2014-12-02 08:04 - 2012-05-29 14:31 - 00000000 ____D () C:\Users\JBH\Documents\Anita Saran
2014-12-02 08:04 - 2012-05-29 14:31 - 00000000 ____D () C:\Users\JBH\Documents\ACT
2014-12-02 08:02 - 2014-10-27 17:59 - 00000000 ____D () C:\Program Files\iPod
2014-12-02 08:01 - 2012-04-22 06:21 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-29 00:26 - 2012-05-29 15:16 - 00000000 ____D () C:\Users\JBH\Documents\Passananti
2014-11-28 00:22 - 2014-05-29 12:17 - 00057096 _____ (COMODO CA Limited) C:\windows\system32\certsentry.dll
2014-11-26 12:19 - 2013-07-23 15:28 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-11-26 12:19 - 2013-07-23 15:28 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-26 12:19 - 2013-07-23 15:28 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-11-26 00:32 - 2012-04-20 21:50 - 00000000 ____D () C:\Users\JBH\Documents\Youcam
2014-11-26 00:05 - 2012-04-20 19:47 - 00018138 _____ () C:\windows\system32\lvcoinst.log
2014-11-22 07:56 - 2014-09-07 08:00 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-22 01:14 - 2014-08-09 09:32 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-21 22:27 - 2012-04-18 22:55 - 01050432 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2014-11-20 22:44 - 2014-05-21 10:17 - 00000000 ____D () C:\Users\JBH\Desktop\FOR SALE
2014-11-13 19:32 - 2012-04-18 22:50 - 00000000 ____D () C:\Users\JBH\AppData\Local\Google
2014-11-13 19:31 - 2012-03-25 03:25 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-12 16:52 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\rescache
2014-11-12 16:15 - 2009-07-13 23:45 - 00289984 _____ () C:\windows\system32\FNTCACHE.DAT
2014-11-12 16:11 - 2014-05-07 07:47 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-11-12 12:09 - 2013-07-25 02:41 - 00000000 ____D () C:\windows\system32\MRT
2014-11-12 11:31 - 2012-04-22 21:46 - 103374192 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-11-12 10:28 - 2012-05-29 17:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-12 10:26 - 2014-06-06 03:02 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-11-12 10:26 - 2013-12-22 11:49 - 00116728 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys
2014-11-12 10:26 - 2013-03-14 18:16 - 00267632 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-11-12 10:26 - 2013-03-14 18:16 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-11-12 10:26 - 2012-04-18 22:55 - 00436624 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-11-12 10:26 - 2012-04-18 22:55 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-11-12 10:26 - 2012-04-18 22:55 - 00083280 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-11-05 23:21 - 2014-01-11 22:09 - 00000000 ____D () C:\Users\JBH\Desktop\Theresa
2014-11-04 14:30 - 2010-11-20 22:27 - 00275080 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\JBH\AppData\Local\Temp\AudibleDM_iTunesSetup.exe
C:\Users\JBH\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2014-12-02 16:09:57
-----------------------------
16:09:57.268    OS Version: Windows x64 6.1.7601 Service Pack 1
16:09:57.268    Number of processors: 4 586 0x100
16:09:57.268    ComputerName: LLANO2012  UserName: JBH
16:10:43.023    Initialize success
16:10:52.040    AVAST engine defs: 14120201
16:14:25.355    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000074
16:14:25.355    Disk 0 Vendor: ST950032 0011 Size: 476940MB BusType: 11
16:14:25.901    Disk 0 MBR read successfully
16:14:25.916    Disk 0 MBR scan
16:14:26.556    Disk 0 Windows 7 default MBR code
16:14:26.571    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          200 MB offset 2048
16:14:26.571    Disk 0 default boot code
16:14:26.868    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       431938 MB offset 411648
16:14:26.883    Disk 0 Partition - 00     0F Extended LBA             29692 MB offset 885020672
16:14:26.915    Disk 0 Partition 3 00     12  Compaq diag NTFS        15109 MB offset 945829888
16:14:26.961    Disk 0 Partition 4 00     07    HPFS/NTFS NTFS        29691 MB offset 885022720
16:14:27.258    Disk 0 scanning C:\windows\system32\drivers
16:14:42.031    Service scanning
16:15:06.695    Modules scanning
16:15:06.695    Disk 0 trace - called modules:
16:15:06.726    ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys hal.dll amdsata.sys
16:15:06.726    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005a08060]
16:15:06.742    3 CLASSPNP.SYS[fffff8800198343f] -> nt!IofCallDriver -> [0xfffffa8005214b80]
16:15:06.742    5 amdxata.sys[fffff880010d97a8] -> nt!IofCallDriver -> \Device\00000074[0xfffffa80054379c0]
16:15:07.849    AVAST engine scan C:\windows
16:15:11.515    AVAST engine scan C:\windows\system32
16:18:14.722    AVAST engine scan C:\windows\system32\drivers
16:18:28.231    AVAST engine scan C:\Users\JBH
17:51:50.130    AVAST engine scan C:\ProgramData
17:59:36.618    Disk 0 statistics 6127058/0/0 @ 0.57 MB/s
17:59:36.649    Scan finished successfully
18:23:04.086    Disk 0 MBR has been saved successfully to "C:\Users\JBH\Desktop\aswMBR\MBR.dat"
18:23:04.101    The log file has been saved successfully to "C:\Users\JBH\Desktop\aswMBR\aswMBR.txt"




==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-25 10:26

==================== End Of Log ============================




#2 centaurcoach


Posted 06 December 2014 - 10:51 PM

Thanks anyway.

Most of the problem seems to have been a cluttered hard drive too near to capacity.

