Problem may have originated from audible.com subscription and itunes involvement, but not sure. Safe mode is the only way I could have completed these scans or posted this message. Computer is nearly unusable otherwise. Please help.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-12-2014
Ran by JBH (administrator) on LLANO2012 on 02-12-2014 18:24:03
Running from C:\Users\JBH\Desktop
Loaded Profile: JBH (Available profiles: JBH)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Farbar) C:\Users\JBH\Desktop\FRST64(1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11831400 2011-04-21] (Realtek Semiconductor)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-03-25] (Lenovo)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1275608 2014-03-25] (COMODO)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-12-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-20] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3722793996-1674335959-776591757-1001\...\Run: [Akamai NetSession Interface] => C:\Users\JBH\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3722793996-1674335959-776591757-1001\...\Run: [SetupWizard] => F:\SetupWizard.exe reboot
HKU\S-1-5-21-3722793996-1674335959-776591757-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-3722793996-1674335959-776591757-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-3722793996-1674335959-776591757-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
AppInit_DLLs: C:\Windows\System32\guard64.dll => C:\Windows\System32\guard64.dll [453680 2014-03-25] (COMODO)
AppInit_DLLs-x32: C:\Windows\SysWOW64\guard32.dll => C:\Windows\SysWOW64\guard32.dll [363504 2014-03-25] (COMODO)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk
ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\JBH\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\JBH\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\JBH\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\JBH\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll ()
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\JBH\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\JBH\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\JBH\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3722793996-1674335959-776591757-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-3722793996-1674335959-776591757-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKU\S-1-5-21-3722793996-1674335959-776591757-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3722793996-1674335959-776591757-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3722793996-1674335959-776591757-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3722793996-1674335959-776591757-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3722793996-1674335959-776591757-1001 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yah...}&fr=chr-comodo
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-3722793996-1674335959-776591757-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.m...ent/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{6156732B-ABFC-41D3-9628-1A5665D65B9E}: [NameServer] 156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{87044CB9-528E-4244-B4DA-CC39EC19C7DB}: [NameServer] 156.154.70.22,156.154.71.22
FireFox:
========
FF ProfilePath: C:\Users\JBH\AppData\Roaming\Mozilla\Firefox\Profiles\luee5eq8.default
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.com/
FF Keyword.URL: hxxp://us.search.yahoo.com/search?fr=ytff-comodo&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Facebook Translate - C:\Users\JBH\AppData\Roaming\Mozilla\Firefox\Profiles\luee5eq8.default\Extensions\facebook-translate@oliver.schloebe.de [2014-04-05]
FF Extension: iCloud Bookmarks - C:\Users\JBH\AppData\Roaming\Mozilla\Firefox\Profiles\luee5eq8.default\Extensions\firefoxdav@icloud.com [2014-11-14]
FF Extension: NetVideoHunter - C:\Users\JBH\AppData\Roaming\Mozilla\Firefox\Profiles\luee5eq8.default\Extensions\netvideohunter@netvideohunter.com [2014-07-31]
FF Extension: Gmelius - C:\Users\JBH\AppData\Roaming\Mozilla\Firefox\Profiles\luee5eq8.default\Extensions\gmailadsremover@florian.bersier.xpi [2012-07-10]
FF Extension: NoSquint - C:\Users\JBH\AppData\Roaming\Mozilla\Firefox\Profiles\luee5eq8.default\Extensions\nosquint@urandom.ca.xpi [2012-06-02]
FF Extension: Zotero - C:\Users\JBH\AppData\Roaming\Mozilla\Firefox\Profiles\luee5eq8.default\Extensions\zotero@chnm.gmu.edu.xpi [2013-04-02]
FF Extension: New Tab Homepage - C:\Users\JBH\AppData\Roaming\Mozilla\Firefox\Profiles\luee5eq8.default\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2012-07-31]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-11-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-04-18]
FF Extension: No Name - wrc@avast.com [Not Found]
Chrome:
=======
CHR Profile: C:\Users\JBH\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\JBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-13]
CHR Extension: (Google Docs) - C:\Users\JBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-13]
CHR Extension: (Google Drive) - C:\Users\JBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-13]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\JBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-13]
CHR Extension: (YouTube) - C:\Users\JBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-13]
CHR Extension: (Google Search) - C:\Users\JBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-13]
CHR Extension: (Google Sheets) - C:\Users\JBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-13]
CHR Extension: (Avast Online Security) - C:\Users\JBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-13]
CHR Extension: (Google Wallet) - C:\Users\JBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-13]
CHR Extension: (Gmail) - C:\Users\JBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-12]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-12-15] (Advanced Micro Devices, Inc.) [File not signed]
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-12] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-12] (Avast Software)
S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6817544 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO)
S3 CVShell Service; C:\Program Files (x86)\ACD Systems\Canvas 12\CVShellSrv.exe [257400 2010-12-23] (ACD Systems of America Inc.)
S2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2370240 2014-11-27] (Comodo Security Solutions, Inc.)
S2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [239680 2014-02-19] (Foxit Corporation)
S2 RaMediaServer; C:\Program Files (x86)\Ralink\RT2860 Wireless LAN Card\ExtraFiles\RaMediaServer.exe [454656 2010-05-19] () [File not signed]
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [10208256 2011-12-14] (ATI Technologies Inc.) [File not signed]
S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [317952 2011-12-14] (Advanced Micro Devices, Inc.) [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-12] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-12] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-12] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-21] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-12] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-12] (AVAST Software)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-04-16] (COMODO)
S1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [738472 2014-04-16] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2014-04-16] (COMODO)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105552 2014-04-16] (COMODO)
S3 S6000KNT; C:\Windows\System32\Drivers\S6000KNT.sys [3293272 2010-12-23] (Windows ® Win 7 DDK provider)
S3 aswVmm; \??\C:\Users\JBH\AppData\Local\Temp\aswVmm.sys [X]
U3 BcmSqlStartupSvc; No ImagePath
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
U2 DriverService; No ImagePath
U2 IAStorDataMgrSvc; No ImagePath
U2 iATAgentService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 nvUpdatusService; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerService; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SeaPort; No ImagePath
U2 SoftwareService; No ImagePath
U3 SQLWriter; No ImagePath
U3 aswMBR; \??\C:\Users\JBH\AppData\Local\Temp\aswMBR.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-02 18:24 - 2014-12-02 18:24 - 00023082 _____ () C:\Users\JBH\Desktop\FRST.txt
2014-12-02 18:23 - 2014-12-02 18:24 - 00000000 ____D () C:\FRST
2014-12-02 16:10 - 2014-12-02 18:23 - 00000000 ____D () C:\Users\JBH\Desktop\aswMBR
2014-12-02 16:07 - 2014-12-02 16:08 - 02117120 _____ (Farbar) C:\Users\JBH\Desktop\FRST64(1).exe
2014-12-02 15:28 - 2014-12-02 18:23 - 00000000 ____D () C:\Users\JBH\Desktop\Farbar
2014-12-02 15:21 - 2014-12-02 15:23 - 02117120 _____ (Farbar) C:\Users\JBH\Downloads\FRST64.exe
2014-12-02 10:19 - 2014-12-02 10:20 - 05198336 _____ (AVAST Software) C:\Users\JBH\Desktop\aswMBR.exe
2014-12-02 09:44 - 2014-12-02 09:44 - 00000330 _____ () C:\windows\PFRO.log
2014-12-02 08:27 - 2014-11-12 10:26 - 00364512 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-12-02 07:48 - 2014-12-02 08:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-01 23:59 - 2014-12-02 07:28 - 00000000 ____D () C:\Program Files (x86)\iPodder
2014-12-01 23:59 - 2014-12-01 23:59 - 00000000 ____D () C:\Users\JBH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iPodder
2014-12-01 23:59 - 2014-12-01 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPodder
2014-12-01 09:59 - 2014-12-02 09:57 - 00000327 _____ () C:\windows\setupact.log
2014-12-01 09:59 - 2014-12-01 09:59 - 00000000 _____ () C:\windows\setuperr.log
2014-11-30 22:46 - 2014-11-30 22:47 - 00000000 ____D () C:\Users\JBH\Downloads\Dan Simmons (All Chaptered)
2014-11-30 18:46 - 2014-12-02 08:15 - 00000000 ____D () C:\Users\JBH\Documents\Audible
2014-11-30 18:46 - 2014-11-30 18:46 - 01672880 _____ (Audible, Inc.) C:\Users\JBH\Downloads\AudibleDM_iTunesSetup.exe
2014-11-30 18:46 - 2014-11-30 18:46 - 00000000 ____D () C:\Users\Public\Documents\Audible
2014-11-28 00:22 - 2014-12-02 08:01 - 00000000 ____D () C:\Program Files (x86)\Comodo
2014-11-28 00:22 - 2014-11-28 00:22 - 00048392 _____ (COMODO CA Limited) C:\windows\SysWOW64\certsentry.dll
2014-11-27 08:36 - 2014-12-02 08:13 - 00000000 ___HD () C:\VTRoot
2014-11-27 08:36 - 2014-11-27 08:51 - 00065756 _____ () C:\windows\system32\Drivers\fvstore.dat
2014-11-26 06:06 - 2014-11-26 06:06 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-11-26 05:57 - 2014-11-26 05:57 - 00000000 ____D () C:\Users\JBH\AppData\Roaming\Comodo
2014-11-26 05:56 - 2014-12-02 08:16 - 00000000 ____D () C:\windows\System32\Tasks\COMODO
2014-11-26 05:56 - 2014-11-26 05:56 - 00000000 ____D () C:\ProgramData\Shared Space
2014-11-26 05:56 - 2014-03-25 14:22 - 00352984 _____ (COMODO) C:\windows\system32\cmdvrt64.dll
2014-11-26 05:56 - 2014-03-25 14:22 - 00284888 _____ (COMODO) C:\windows\SysWOW64\cmdvrt32.dll
2014-11-26 05:56 - 2014-03-25 14:22 - 00045784 _____ (COMODO) C:\windows\system32\cmdkbd64.dll
2014-11-26 05:56 - 2014-03-25 14:22 - 00040664 _____ (COMODO) C:\windows\SysWOW64\cmdkbd32.dll
2014-11-19 07:34 - 2014-11-10 22:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-11-19 07:34 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2014-11-19 07:34 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-11-19 07:34 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2014-11-14 22:22 - 2014-12-02 15:48 - 00000000 ____D () C:\Users\JBH\Downloads\Dr Green
2014-11-14 18:39 - 2014-11-21 23:31 - 00000000 ___HD () C:\Users\JBH\Downloads\porn
2014-11-13 19:31 - 2014-12-02 15:36 - 00000892 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-13 19:31 - 2014-12-02 10:58 - 00000888 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-13 19:31 - 2014-12-02 08:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-13 19:31 - 2014-11-13 19:31 - 00003888 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 19:31 - 2014-11-13 19:31 - 00003636 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-13 19:30 - 2014-11-13 19:30 - 00880784 _____ (Google Inc.) C:\Users\JBH\Downloads\ChromeSetup.exe
2014-11-12 18:11 - 2014-11-12 18:11 - 00000000 __SHD () C:\Users\JBH\AppData\Local\EmieBrowserModeList
2014-11-12 10:51 - 2014-11-12 10:51 - 00000247 _____ () C:\windows\system32\2014-11-12-15-51-59.031-aswFe.exe-2260.log
2014-11-12 10:51 - 2014-11-12 10:51 - 00000197 _____ () C:\windows\system32\2014-11-12-15-51-51.003-AvastVBoxSVC.exe-2544.log
2014-11-12 10:33 - 2014-11-12 10:34 - 00000000 ____D () C:\windows\SysWOW64\vbox
2014-11-12 10:33 - 2014-11-12 10:34 - 00000000 ____D () C:\windows\system32\vbox
2014-11-12 10:27 - 2014-12-02 08:28 - 00001964 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-11-12 10:26 - 2014-11-12 10:26 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-11-12 09:28 - 2014-11-05 12:56 - 00304640 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-11-12 09:28 - 2014-11-05 12:56 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-11-12 09:28 - 2014-11-05 12:52 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-11-12 09:28 - 2014-10-13 21:16 - 00155064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-11-12 09:28 - 2014-10-13 21:13 - 00683520 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-11-12 09:28 - 2014-10-13 21:12 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-11-12 09:28 - 2014-10-13 21:09 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2014-11-12 09:28 - 2014-10-13 21:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-11-12 09:28 - 2014-10-13 20:50 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-11-12 09:28 - 2014-10-13 20:49 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-11-12 09:28 - 2014-10-13 20:47 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2014-11-12 09:28 - 2014-10-13 20:46 - 00681984 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2014-11-12 09:27 - 2014-11-07 14:49 - 00388272 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-11-12 09:27 - 2014-11-07 14:23 - 00341168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-11-12 09:27 - 2014-11-05 23:04 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-11-12 09:27 - 2014-11-05 23:03 - 25110016 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-11-12 09:27 - 2014-11-05 23:03 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-11-12 09:27 - 2014-11-05 22:47 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-11-12 09:27 - 2014-11-05 22:46 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-11-12 09:27 - 2014-11-05 22:46 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-11-12 09:27 - 2014-11-05 22:44 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-11-12 09:27 - 2014-11-05 22:43 - 02884096 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-11-12 09:27 - 2014-11-05 22:36 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-11-12 09:27 - 2014-11-05 22:35 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-11-12 09:27 - 2014-11-05 22:31 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-11-12 09:27 - 2014-11-05 22:30 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-11-12 09:27 - 2014-11-05 22:30 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-11-12 09:27 - 2014-11-05 22:29 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-11-12 09:27 - 2014-11-05 22:28 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-11-12 09:27 - 2014-11-05 22:23 - 06040064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-11-12 09:27 - 2014-11-05 22:20 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-11-12 09:27 - 2014-11-05 22:16 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-11-12 09:27 - 2014-11-05 22:13 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-11-12 09:27 - 2014-11-05 22:13 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-11-12 09:27 - 2014-11-05 22:12 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-11-12 09:27 - 2014-11-05 22:10 - 19781632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-11-12 09:27 - 2014-11-05 22:10 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-11-12 09:27 - 2014-11-05 22:07 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 09:27 - 2014-11-05 22:05 - 02277376 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-11-12 09:27 - 2014-11-05 22:04 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-11-12 09:27 - 2014-11-05 22:03 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-11-12 09:27 - 2014-11-05 22:02 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-11-12 09:27 - 2014-11-05 22:00 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-11-12 09:27 - 2014-11-05 22:00 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-11-12 09:27 - 2014-11-05 21:59 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-11-12 09:27 - 2014-11-05 21:58 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-11-12 09:27 - 2014-11-05 21:57 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-11-12 09:27 - 2014-11-05 21:48 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-11-12 09:27 - 2014-11-05 21:42 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 09:27 - 2014-11-05 21:41 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-11-12 09:27 - 2014-11-05 21:41 - 00716800 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-11-12 09:27 - 2014-11-05 21:39 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-11-12 09:27 - 2014-11-05 21:38 - 02124288 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-11-12 09:27 - 2014-11-05 21:37 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-11-12 09:27 - 2014-11-05 21:36 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-11-12 09:27 - 2014-11-05 21:34 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-11-12 09:27 - 2014-11-05 21:30 - 14390272 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-11-12 09:27 - 2014-11-05 21:22 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-11-12 09:27 - 2014-11-05 21:21 - 04298240 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-11-12 09:27 - 2014-11-05 21:21 - 02051072 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-11-12 09:27 - 2014-11-05 21:20 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-11-12 09:27 - 2014-11-05 21:17 - 02365440 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-11-12 09:27 - 2014-11-05 21:04 - 01550336 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-11-12 09:27 - 2014-11-05 21:03 - 12819456 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-11-12 09:27 - 2014-11-05 20:53 - 00799232 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-11-12 09:27 - 2014-11-05 20:52 - 01892864 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-11-12 09:27 - 2014-11-05 20:48 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-11-12 09:27 - 2014-11-05 20:47 - 00708096 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-11-12 09:27 - 2014-08-21 01:43 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-11-12 09:27 - 2014-08-21 01:40 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-11-12 09:27 - 2014-08-21 01:26 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-11-12 09:27 - 2014-08-21 01:23 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-11-12 09:26 - 2014-10-24 20:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-11-12 09:26 - 2014-10-24 20:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-11-12 09:26 - 2014-10-02 21:12 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-11-12 09:26 - 2014-10-02 21:11 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-11-12 09:26 - 2014-10-02 21:11 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-11-12 09:26 - 2014-10-02 21:11 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-11-12 09:26 - 2014-10-02 21:11 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-11-12 09:26 - 2014-10-02 20:44 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-11-12 09:26 - 2014-10-02 20:44 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-11-12 09:26 - 2014-10-02 20:44 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-11-12 09:26 - 2014-09-19 04:42 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-11-12 09:26 - 2014-09-19 04:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-11-12 09:26 - 2014-09-19 04:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-11-12 09:26 - 2014-09-19 04:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-11-12 09:26 - 2014-09-19 04:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-11-12 09:26 - 2014-09-19 04:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-11-12 09:26 - 2014-09-19 04:23 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-11-12 09:26 - 2014-09-19 04:23 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-11-12 09:26 - 2014-09-19 04:23 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2014-11-12 09:26 - 2014-09-19 04:23 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-11-12 09:26 - 2014-09-19 04:23 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-11-12 09:26 - 2014-09-19 04:23 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-11-12 09:26 - 2014-08-11 21:02 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2014-11-12 09:26 - 2014-08-11 20:36 - 00701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10K.DLL
2014-11-12 09:25 - 2014-10-13 21:13 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-11-12 09:25 - 2014-10-13 20:50 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-11-12 09:25 - 2014-10-09 19:57 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-11-12 09:16 - 2014-10-17 21:05 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2014-11-12 09:16 - 2014-10-17 20:33 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2014-11-10 19:41 - 2014-11-10 19:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-07 23:26 - 2014-11-30 18:50 - 00000000 ____D () C:\Users\JBH\Downloads\New folder
2014-11-05 00:00 - 2014-11-05 00:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-02 15:47 - 2009-07-14 00:13 - 00782470 _____ () C:\windows\system32\PerfStringBackup.INI
2014-12-02 15:43 - 2012-03-25 03:14 - 00654632 _____ () C:\windows\system32\fastboot.set
2014-12-02 15:39 - 2012-03-25 03:13 - 05390556 _____ () C:\FaceProv.log
2014-12-02 15:28 - 2014-05-17 20:39 - 00000000 ____D () C:\Users\JBH\Desktop\Photo Dump 051714
2014-12-02 15:28 - 2013-10-23 06:50 - 00000000 ____D () C:\Users\JBH\Documents\UC
2014-12-02 15:28 - 2012-05-29 15:16 - 00000000 ____D () C:\Users\JBH\Documents\Pdfs
2014-12-02 15:26 - 2009-07-13 23:45 - 00028928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-02 15:26 - 2009-07-13 23:45 - 00028928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-02 15:19 - 2013-07-23 15:28 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-12-02 10:25 - 2012-04-28 20:27 - 00000000 ____D () C:\Users\JBH\AppData\Roaming\vlc
2014-12-02 09:53 - 2013-12-25 23:47 - 01356131 _____ () C:\windows\WindowsUpdate.log
2014-12-02 09:48 - 2012-07-16 07:57 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-12-02 09:45 - 2009-07-14 00:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-12-02 08:24 - 2013-02-18 09:07 - 00000000 ____D () C:\Users\JBH\Documents\Notes
2014-12-02 08:18 - 2012-04-18 22:36 - 00000000 ____D () C:\Users\JBH
2014-12-02 08:16 - 2013-05-13 06:08 - 00000000 ____D () C:\Users\JBH\Documents\FotoMorph Data
2014-12-02 08:16 - 2012-12-19 21:31 - 00000000 ____D () C:\Users\JBH\Documents\Sacrosomatics
2014-12-02 08:16 - 2012-12-10 10:50 - 00000000 ____D () C:\Users\JBH\Documents\Higgins PT
2014-12-02 08:16 - 2012-07-07 22:44 - 00000000 ____D () C:\Users\JBH\Documents\Heilman Chiropractic
2014-12-02 08:16 - 2012-06-23 19:11 - 00000000 ____D () C:\windows\system32\Macromed
2014-12-02 08:16 - 2012-05-29 15:32 - 00000000 ____D () C:\Users\JBH\Documents\WordPressAcademy
2014-12-02 08:16 - 2012-05-29 15:32 - 00000000 ____D () C:\Users\JBH\Documents\Thomas Passananti
2014-12-02 08:16 - 2012-05-29 15:26 - 00000000 ____D () C:\Users\JBH\Documents\Spinal Explorer
2014-12-02 08:16 - 2012-05-29 15:24 - 00000000 ____D () C:\Users\JBH\Documents\Soobie
2014-12-02 08:16 - 2012-05-29 15:18 - 00000000 ____D () C:\Users\JBH\Documents\RPM Juice
2014-12-02 08:16 - 2012-05-29 15:16 - 00000000 ____D () C:\Users\JBH\Documents\Phase customization
2014-12-02 08:16 - 2012-05-29 15:16 - 00000000 ____D () C:\Users\JBH\Documents\Oregon
2014-12-02 08:16 - 2012-05-29 15:15 - 00000000 ___SD () C:\Users\JBH\Documents\My Webs
2014-12-02 08:16 - 2012-05-29 14:55 - 00000000 ____D () C:\Users\JBH\Documents\Mom
2014-12-02 08:16 - 2012-05-29 14:55 - 00000000 ____D () C:\Users\JBH\Documents\Medicinal plants
2014-12-02 08:16 - 2012-05-29 14:55 - 00000000 ____D () C:\Users\JBH\Documents\MARKETING
2014-12-02 08:16 - 2012-05-29 14:55 - 00000000 ____D () C:\Users\JBH\Documents\Maps
2014-12-02 08:16 - 2012-05-29 14:55 - 00000000 ____D () C:\Users\JBH\Documents\Making PVC Didgeridoos_files
2014-12-02 08:16 - 2012-05-29 14:55 - 00000000 ____D () C:\Users\JBH\Documents\Lifestyle Design School
2014-12-02 08:16 - 2012-05-29 14:54 - 00000000 ____D () C:\Users\JBH\Documents\Internet101
2014-12-02 08:16 - 2012-05-29 14:53 - 00000000 ____D () C:\Users\JBH\Documents\INTEGRAL
2014-12-02 08:16 - 2012-05-29 14:52 - 00000000 ____D () C:\Users\JBH\Documents\Image Expert Images
2014-12-02 08:16 - 2012-05-29 14:49 - 00000000 ____D () C:\Users\JBH\Documents\Home Transformations
2014-12-02 08:16 - 2012-05-29 14:49 - 00000000 ____D () C:\Users\JBH\Documents\HigherHealthPathways
2014-12-02 08:16 - 2012-05-29 14:48 - 00000000 ____D () C:\Users\JBH\Documents\Health Eq
2014-12-02 08:16 - 2012-05-29 14:48 - 00000000 ____D () C:\Users\JBH\Documents\Handyman business
2014-12-02 08:16 - 2012-05-29 14:48 - 00000000 ____D () C:\Users\JBH\Documents\Group W
2014-12-02 08:16 - 2012-05-29 14:48 - 00000000 ____D () C:\Users\JBH\Documents\Forms
2014-12-02 08:16 - 2012-05-29 14:48 - 00000000 ____D () C:\Users\JBH\Documents\For Bridget
2014-12-02 08:16 - 2012-05-29 14:47 - 00000000 ___RD () C:\Users\JBH\Documents\Dropbox
2014-12-02 08:16 - 2012-05-29 14:47 - 00000000 ____D () C:\Users\JBH\Documents\Erin and AJ
2014-12-02 08:16 - 2012-05-29 14:47 - 00000000 ____D () C:\Users\JBH\Documents\epson10328
2014-12-02 08:16 - 2012-05-29 14:44 - 00000000 ____D () C:\Users\JBH\Documents\driverback
2014-12-02 08:16 - 2012-05-24 11:45 - 00000000 ____D () C:\Users\JBH\Documents\Receipts
2014-12-02 08:15 - 2014-10-27 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-12-02 08:15 - 2014-10-27 17:59 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-12-02 08:15 - 2014-10-27 17:59 - 00000000 ____D () C:\Program Files\iTunes
2014-12-02 08:15 - 2014-09-05 22:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-02 08:15 - 2014-08-19 14:37 - 00000000 ____D () C:\Users\JBH\AppData\Roaming\uTorrent
2014-12-02 08:15 - 2012-07-04 08:16 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-12-02 08:15 - 2012-06-18 22:15 - 00000000 ____D () C:\Users\JBH\AppData\Roaming\Skype
2014-12-02 08:15 - 2012-05-29 14:44 - 00000000 ____D () C:\Users\JBH\Documents\Dr Heilman Sleep System
2014-12-02 08:15 - 2012-05-29 14:38 - 00000000 ____D () C:\Users\JBH\Documents\Documents By Date
2014-12-02 08:15 - 2012-05-29 14:38 - 00000000 ____D () C:\Users\JBH\Documents\CTS
2014-12-02 08:15 - 2012-05-29 14:38 - 00000000 ____D () C:\Users\JBH\Documents\Correspondence
2014-12-02 08:15 - 2012-05-29 14:36 - 00000000 ____D () C:\Users\JBH\Documents\Come Alive Chiropractic
2014-12-02 08:15 - 2012-05-29 14:36 - 00000000 ____D () C:\Users\JBH\Documents\COLOR
2014-12-02 08:15 - 2012-05-29 14:35 - 00000000 ____D () C:\Users\JBH\Documents\Coaching Business
2014-12-02 08:15 - 2012-05-29 14:35 - 00000000 ____D () C:\Users\JBH\Documents\CLINIC
2014-12-02 08:15 - 2012-05-29 14:35 - 00000000 ____D () C:\Users\JBH\Documents\Chiropractic Self-care.com
2014-12-02 08:15 - 2012-05-29 14:34 - 00000000 ____D () C:\Users\JBH\Documents\Chiropractic
2014-12-02 08:15 - 2012-05-29 14:33 - 00000000 ____D () C:\Users\JBH\Documents\Chinese
2014-12-02 08:15 - 2012-05-29 14:32 - 00000000 ____D () C:\Users\JBH\Documents\CCleaner
2014-12-02 08:15 - 2012-05-29 14:32 - 00000000 ____D () C:\Users\JBH\Documents\Catopia
2014-12-02 08:15 - 2012-05-29 14:32 - 00000000 ____D () C:\Users\JBH\Documents\Canvas files
2014-12-02 08:15 - 2012-05-29 14:32 - 00000000 ____D () C:\Users\JBH\Documents\BodhiWork
2014-12-02 08:15 - 2012-05-29 14:32 - 00000000 ____D () C:\Users\JBH\Documents\Bluehost
2014-12-02 08:15 - 2012-05-29 14:32 - 00000000 ____D () C:\Users\JBH\Documents\Anti Aging Coach
2014-12-02 08:15 - 2012-05-29 14:31 - 00000000 ____D () C:\Users\JBH\Documents\Affiliate
2014-12-02 08:15 - 2012-05-29 14:30 - 00000000 ____D () C:\Users\JBH\Documents\000000
2014-12-02 08:15 - 2012-05-19 06:38 - 00000000 ____D () C:\ProgramData\CyberLink
2014-12-02 08:15 - 2012-04-22 08:37 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-12-02 08:15 - 2012-04-22 08:32 - 00000000 ____D () C:\Users\JBH\Documents\cc backups
2014-12-02 08:15 - 2012-04-20 22:21 - 00000000 ____D () C:\Users\JBH\AppData\Roaming\ArcSoft
2014-12-02 08:15 - 2012-04-20 19:47 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2014-12-02 08:15 - 2012-04-18 23:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-12-02 08:14 - 2014-10-27 17:59 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-12-02 08:13 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\registration
2014-12-02 08:12 - 2012-06-12 11:05 - 00000000 ____D () C:\Users\JBH\Documents\mohan
2014-12-02 08:12 - 2012-05-31 19:42 - 00000000 ____D () C:\Users\JBH\Documents\Poetry
2014-12-02 08:12 - 2012-05-29 15:26 - 00000000 ____D () C:\Users\JBH\Documents\Teachers
2014-12-02 08:12 - 2012-05-29 15:18 - 00000000 ____D () C:\Users\JBH\Documents\resumes
2014-12-02 08:12 - 2012-05-29 15:15 - 00000000 ____D () C:\Users\JBH\Documents\NLP
2014-12-02 08:12 - 2012-05-29 14:56 - 00000000 ____D () C:\Users\JBH\Documents\My Games
2014-12-02 08:12 - 2012-05-29 14:55 - 00000000 ____D () C:\Users\JBH\Documents\JAMA and other memberships
2014-12-02 08:11 - 2012-05-29 14:53 - 00000000 ____D () C:\Users\JBH\Documents\images
2014-12-02 08:11 - 2012-05-29 14:50 - 00000000 ____D () C:\Users\JBH\Documents\Hypnosis
2014-12-02 08:11 - 2012-05-29 14:49 - 00000000 ____D () C:\Users\JBH\Documents\Homo centaurus
2014-12-02 08:11 - 2012-05-29 14:48 - 00000000 ____D () C:\Users\JBH\Documents\Finance
2014-12-02 08:11 - 2012-05-29 14:47 - 00000000 ____D () C:\Users\JBH\Documents\eFax
2014-12-02 08:11 - 2012-05-29 14:47 - 00000000 ____D () C:\Users\JBH\Documents\EASTGATE
2014-12-02 08:11 - 2012-05-16 07:23 - 00000000 ____D () C:\Users\JBH\Documents\Fax
2014-12-02 08:06 - 2012-05-29 14:38 - 00000000 ____D () C:\Users\JBH\Documents\Credit
2014-12-02 08:06 - 2012-05-29 14:37 - 00000000 ____D () C:\Users\JBH\Documents\CopyWriting
2014-12-02 08:04 - 2013-05-12 22:58 - 00000000 ____D () C:\Users\JBH\Documents\Broom making
2014-12-02 08:04 - 2012-05-29 14:33 - 00000000 ____D () C:\Users\JBH\Documents\Chiro portrait 10-14-05
2014-12-02 08:04 - 2012-05-29 14:31 - 00000000 ____D () C:\Users\JBH\Documents\Anita Saran
2014-12-02 08:04 - 2012-05-29 14:31 - 00000000 ____D () C:\Users\JBH\Documents\ACT
2014-12-02 08:02 - 2014-10-27 17:59 - 00000000 ____D () C:\Program Files\iPod
2014-12-02 08:01 - 2012-04-22 06:21 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-29 00:26 - 2012-05-29 15:16 - 00000000 ____D () C:\Users\JBH\Documents\Passananti
2014-11-28 00:22 - 2014-05-29 12:17 - 00057096 _____ (COMODO CA Limited) C:\windows\system32\certsentry.dll
2014-11-26 12:19 - 2013-07-23 15:28 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-11-26 12:19 - 2013-07-23 15:28 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-26 12:19 - 2013-07-23 15:28 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-11-26 00:32 - 2012-04-20 21:50 - 00000000 ____D () C:\Users\JBH\Documents\Youcam
2014-11-26 00:05 - 2012-04-20 19:47 - 00018138 _____ () C:\windows\system32\lvcoinst.log
2014-11-22 07:56 - 2014-09-07 08:00 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-22 01:14 - 2014-08-09 09:32 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-21 22:27 - 2012-04-18 22:55 - 01050432 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2014-11-20 22:44 - 2014-05-21 10:17 - 00000000 ____D () C:\Users\JBH\Desktop\FOR SALE
2014-11-13 19:32 - 2012-04-18 22:50 - 00000000 ____D () C:\Users\JBH\AppData\Local\Google
2014-11-13 19:31 - 2012-03-25 03:25 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-12 16:52 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\rescache
2014-11-12 16:15 - 2009-07-13 23:45 - 00289984 _____ () C:\windows\system32\FNTCACHE.DAT
2014-11-12 16:11 - 2014-05-07 07:47 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-11-12 12:09 - 2013-07-25 02:41 - 00000000 ____D () C:\windows\system32\MRT
2014-11-12 11:31 - 2012-04-22 21:46 - 103374192 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-11-12 10:28 - 2012-05-29 17:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-12 10:26 - 2014-06-06 03:02 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-11-12 10:26 - 2013-12-22 11:49 - 00116728 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys
2014-11-12 10:26 - 2013-03-14 18:16 - 00267632 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-11-12 10:26 - 2013-03-14 18:16 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-11-12 10:26 - 2012-04-18 22:55 - 00436624 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-11-12 10:26 - 2012-04-18 22:55 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-11-12 10:26 - 2012-04-18 22:55 - 00083280 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-11-05 23:21 - 2014-01-11 22:09 - 00000000 ____D () C:\Users\JBH\Desktop\Theresa
2014-11-04 14:30 - 2010-11-20 22:27 - 00275080 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
Some content of TEMP:
====================
C:\Users\JBH\AppData\Local\Temp\AudibleDM_iTunesSetup.exe
C:\Users\JBH\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2014-12-02 16:09:57
-----------------------------
16:09:57.268 OS Version: Windows x64 6.1.7601 Service Pack 1
16:09:57.268 Number of processors: 4 586 0x100
16:09:57.268 ComputerName: LLANO2012 UserName: JBH
16:10:43.023 Initialize success
16:10:52.040 AVAST engine defs: 14120201
16:14:25.355 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000074
16:14:25.355 Disk 0 Vendor: ST950032 0011 Size: 476940MB BusType: 11
16:14:25.901 Disk 0 MBR read successfully
16:14:25.916 Disk 0 MBR scan
16:14:26.556 Disk 0 Windows 7 default MBR code
16:14:26.571 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048
16:14:26.571 Disk 0 default boot code
16:14:26.868 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 431938 MB offset 411648
16:14:26.883 Disk 0 Partition - 00 0F Extended LBA 29692 MB offset 885020672
16:14:26.915 Disk 0 Partition 3 00 12 Compaq diag NTFS 15109 MB offset 945829888
16:14:26.961 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 29691 MB offset 885022720
16:14:27.258 Disk 0 scanning C:\windows\system32\drivers
16:14:42.031 Service scanning
16:15:06.695 Modules scanning
16:15:06.695 Disk 0 trace - called modules:
16:15:06.726 ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys hal.dll amdsata.sys
16:15:06.726 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005a08060]
16:15:06.742 3 CLASSPNP.SYS[fffff8800198343f] -> nt!IofCallDriver -> [0xfffffa8005214b80]
16:15:06.742 5 amdxata.sys[fffff880010d97a8] -> nt!IofCallDriver -> \Device\00000074[0xfffffa80054379c0]
16:15:07.849 AVAST engine scan C:\windows
16:15:11.515 AVAST engine scan C:\windows\system32
16:18:14.722 AVAST engine scan C:\windows\system32\drivers
16:18:28.231 AVAST engine scan C:\Users\JBH
17:51:50.130 AVAST engine scan C:\ProgramData
17:59:36.618 Disk 0 statistics 6127058/0/0 @ 0.57 MB/s
17:59:36.649 Scan finished successfully
18:23:04.086 Disk 0 MBR has been saved successfully to "C:\Users\JBH\Desktop\aswMBR\MBR.dat"
18:23:04.101 The log file has been saved successfully to "C:\Users\JBH\Desktop\aswMBR\aswMBR.txt"
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-25 10:26
==================== End Of Log ============================