[RESOLVED] Re:Freezing on I.E. Farbar results etc
Hello all, got the latest Internet explorer, on a windows 8.1 laptop. All upto date. PART ONE
Problem I have is when I go onto the NS&I website in I.E. my laptop freezes, no way to get back on except to turn off, and restart. Have firefox works ok on that. Does not affect any other website as far as I am aware.
Have spyhunter, McAffee, Malwarebytes, spyware blaster.
Downloaded AdBlock plus, installed, cannot see it in IE, or in Firefox.
Still freezing, and now found out it is also freezing Facebook.
Please can someone give me a fix for this problem.
CAN someone tell me why does it say Administrator (Disabled) below
Asked to run Farbar, here are the results.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
Ran by (administrator) (02-08-2015 22:03:28) Running from C:\Users\Loaded Profiles:
Platform: Windows 8.1 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go9\CLMLSvc_P2G9.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso7\DeviceDetector\DeviceDetector7.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.6.1008.0\McCSPServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\LocationNotifications.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
() C:\Users\Desktop\My Documents\Set Up Programs 2\Adware-Removal-Tool-v3.9.1.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7642328 2014-12-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [CLMLServer_For_P2G9] => C:\Program Files (x86)\CyberLink\Power2Go9\CLMLSvc_P2G9.exe [110344 2014-07-03] (CyberLink)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795672 2014-07-10] (CyberLink Corp.)
HKLM-x32\...\Run: [EKStatusMonitor] => C:\PROGRAM FILES (X86)\KODAK\AIO\STATUSMONITOR\EKStatusMonitor.EXE [2750840 2013-12-11] (Eastman Kodak Company)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-568704525-757881285-3721914199-1006\...\Run: [Power2GoExpress9] => C:\Program Files (x86)\CyberLink\Power2Go9\Power2GoExpress9.exe [2397448 2014-07-03] (CyberLink Corp.)
HKU\S-1-5-21-568704525-757881285-3721914199-1006\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
Startup: C:\Users\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2014-12-29]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => No File
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => No File
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-568704525-757881285-3721914199-1006\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-568704525-757881285-3721914199-1006 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKU\S-1-5-21-568704525-757881285-3721914199-1006 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll [2015-01-13] (McAfee) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-18] (Google Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-03-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: McAfee SafeKey Vault -> {9DB059B3-DD36-4a55-846C-59BE42A1202A} -> C:\Program Files (x86)\SafeKey\LPToolbar.dll [2015-01-13] (McAfee)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-18] (Google Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll [2015-01-13] (McAfee)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-18] (Google Inc.)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - McAfee SafeKey - {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar.dll [2015-01-13] (McAfee)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-18] (Google Inc.)
Toolbar: HKU\S-1-5-21-568704525-757881285-3721914199-1006 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-18] (Google Inc.)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-07-21] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-07-21] (McAfee, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{E5CC38C4-5D03-4957-8C7A-D6D7937AD96A}: [DhcpNameServer] 194.168.4.100 194.168.8.100
FireFox:
========FF ProfilePath: C:\Users\AppData\Roaming\Mozilla\Firefox\Profiles\asdp8qb8.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-07-21] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-07-21] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-18] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin HKU\S-1-5-21-568704525-757881285-3721914199-1006: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-04-23] (RocketLife, LLP) FF Extension: No Name - :\Users\AppData\Roaming\Mozilla\Firefox\Profiles\asdp8qb8.default\Extensions\1425430187_xpi [2015-03-04]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-08-06]
Chrome: =======CHR dev: Chrome dev build detected! <======= ATTENTION==== Services (Whitelisted)
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AnviCsbSvc; C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe [42680 2014-08-20] (Anvisoft)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-13] (Broadcom Corporation.)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.) R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [569608 2014-10-09] (Hewlett-Packard Development Company, L.P.) R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-12-27] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [782608 2015-07-21] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-29] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [1694152 2015-07-23] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [639456 2015-07-17] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-12-27] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1026944 2015-06-20] (Enigma Software Group USA, LLC.)
S3 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [190704 2014-03-13] (Synaptics Incorporated)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [164600 2015-07-13] (RaMMicHaeL)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-07-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-13] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7532760 2014-12-27] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 BtwSerialBus; C:\Windows\System32\drivers\BtwSerialBus.sys [150744 2013-09-09] (Broadcom Corporation.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
R3 CLVirtualBus01; C:\Windows\System32\drivers\CLVirtualBus01.sys [103176 2014-03-12] (CyberLink)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-03-08] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-03-08] ()
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-05-11] ()
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-13] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-02] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [529080 2015-06-28] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [466136 2014-01-14] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-03-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-03-13] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
R2 {C5F942FD-1110-4664-86CE-0C6BDA305235}; C:\Program Files (x86)\CyberLink\PowerDVD14\Common\NavFilter\000.fcl [32456 2014-07-08] (CyberLink Corp.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-02 22:03 - 2015-08-02 22:04 - 00024857 _____ C:\Users\Desktop\FRST.txt
2015-08-02 22:03 - 2015-08-02 22:03 - 02169856 _____ (Farbar) C:\Users\Desktop\FRST64.exe
2015-08-02 22:02 - 2015-08-02 22:02 - 01673728 _____ (Farbar) C:\UsersDesktop\FRST.exe
2015-08-02 21:51 - 2015-08-02 21:52 - 00000257 _____ C:\Windows\setupact.log
2015-08-02 21:51 - 2015-08-02 21:51 - 00000000 _____ C:\Windows\setuperr.log
2015-08-02 20:00 - 2015-08-02 20:00 - 00000000 ____D C:\Program Files\Adblock Plus for IE
2015-08-02 19:59 - 2015-08-02 19:59 - 06162288 _____ ( ) C:\Users\Desktop\adblockplusie-1.4.exe
2015-08-01 23:26 - 2015-08-01 23:26 - 00003064 _____ C:\Windows\System32\Tasks\McAfeeLogon
2015-08-01 23:26 - 2015-08-01 23:26 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2015-07-29 23:46 - 2015-07-14 22:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-07-29 23:46 - 2015-07-14 22:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-07-29 23:46 - 2015-07-14 22:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-07-29 23:46 - 2015-06-12 18:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-07-29 23:46 - 2015-06-12 17:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-07-29 23:46 - 2015-06-09 19:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-29 23:45 - 2015-06-11 21:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-07-29 23:45 - 2015-06-11 21:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-07-29 23:45 - 2015-06-09 23:39 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2015-07-29 23:45 - 2015-06-09 23:39 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2015-07-29 23:45 - 2015-06-09 23:38 - 01201664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-07-29 23:45 - 2015-05-12 01:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-29 23:45 - 2015-05-01 02:13 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-07-29 23:45 - 2015-05-01 02:13 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-07-29 23:45 - 2015-05-01 02:13 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-07-29 23:39 - 2015-07-29 23:39 - 00000424 _____ C:\Users\gepuk2001\Desktop\This PC - Shortcut.lnk
2015-07-28 10:58 - 2015-07-25 14:34 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-25 08:44 - 2015-08-01 22:56 - 00003184 _____ C:\Windows\System32\Tasks\HPCeeScheduleForgepuk2001
2015-07-25 08:44 - 2015-08-01 22:56 - 00000362 _____ C:\Windows\Tasks\HPCeeScheduleForgepuk2001.job
2015-07-23 09:39 - 2015-05-19 13:59 - 00207208 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2015-07-22 20:28 - 2015-08-02 00:23 - 00003348 _____ C:\Windows\System32\Tasks\McAfee Remediation (Prepare)
2015-07-22 20:28 - 2015-07-22 20:28 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-21 20:14 - 2015-07-21 20:14 - 00000000 ____D C:\Users\Public\Documents\sun
2015-07-21 19:32 - 2015-07-14 15:14 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 19:32 - 2015-07-14 15:14 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 19:32 - 2015-07-14 15:14 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 19:32 - 2015-07-14 15:13 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-18 21:02 - 2015-07-18 21:02 - 00772016 _____ (Reimage®) C:\User\Downloads\ReimageRepair.exe
2015-07-18 21:00 - 2015-07-18 21:00 - 00000000 ____D C:\ProgramData\Google
2015-07-18 10:53 - 2015-07-18 10:53 - 00003244 _____ C:\Windows\System32\Tasks\Pokki
2015-07-16 19:37 - 2015-08-02 20:16 - 00000420 _____ C:\Windows\Tasks\PrintProjects Communicator.job
2015-07-16 19:37 - 2015-07-16 19:37 - 00003406 _____ C:\Windows\System32\Tasks\PrintProjects Communicator
2015-07-16 19:37 - 2015-07-16 19:37 - 00000000 ___RD C:\Users\Documents\RocketLifeNetwork
2015-07-16 19:25 - 2015-06-29 23:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-16 19:25 - 2015-06-29 16:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-16 19:25 - 2015-06-29 16:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-16 19:25 - 2015-06-29 16:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-16 19:25 - 2015-06-29 16:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-16 19:25 - 2015-06-27 00:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-16 19:25 - 2015-06-27 00:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-16 19:25 - 2015-05-12 14:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-16 19:25 - 2015-05-11 17:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-16 19:25 - 2015-05-07 18:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-16 19:25 - 2015-05-07 18:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-16 19:25 - 2015-05-07 17:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-16 19:25 - 2015-05-07 17:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-16 19:25 - 2015-05-07 16:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-16 19:25 - 2015-05-07 16:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-16 19:25 - 2015-05-03 16:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-16 19:25 - 2015-05-03 16:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-16 19:25 - 2015-05-03 15:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-16 19:25 - 2015-05-03 15:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-16 19:25 - 2015-05-03 15:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-16 19:25 - 2015-05-03 15:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-16 19:25 - 2015-05-03 01:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-16 19:25 - 2015-04-30 00:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-16 19:25 - 2015-04-28 14:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-16 19:25 - 2015-04-28 14:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-16 19:25 - 2015-04-25 03:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-16 19:25 - 2015-04-23 16:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-16 19:25 - 2015-04-23 16:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-16 19:21 - 2015-07-16 19:37 - 00000000 ____D C:\Users\AppData\Roaming\Visan
2015-07-16 19:21 - 2015-07-16 19:37 - 00000000 ____D C:\Users\AppData\Roaming\PrintProjects
2015-07-16 19:21 - 2015-07-16 19:37 - 00000000 ____D C:\Users\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrintProjects
2015-07-16 19:20 - 2015-07-16 19:20 - 29760376 _____ (RocketLife Inc.) C:\Users
\Downloads\PrintProjects.exe
2015-07-16 19:19 - 2015-07-16 19:19 - 00000000 ____D C:\Users\gepuk2001\AppData\Roaming\Temp
2015-07-15 22:20 - 2015-07-09 20:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 22:20 - 2015-07-09 19:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 22:20 - 2015-07-09 17:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 22:20 - 2015-07-09 16:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 22:20 - 2015-07-09 16:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 22:20 - 2015-07-09 16:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-15 22:20 - 2015-07-09 16:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 22:20 - 2015-07-09 16:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 22:20 - 2015-07-09 16:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 22:20 - 2015-07-09 16:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 22:20 - 2015-07-09 16:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 22:20 - 2015-07-09 16:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 22:20 - 2015-07-09 16:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 22:20 - 2015-06-27 04:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 22:20 - 2015-06-27 04:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 22:20 - 2015-06-27 03:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 22:20 - 2015-06-25 03:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 22:18 - 2015-07-02 22:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 22:18 - 2015-07-02 21:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 22:18 - 2015-07-02 21:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 22:18 - 2015-07-02 21:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 22:18 - 2015-07-02 21:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 22:18 - 2015-07-02 20:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 22:18 - 2015-07-02 20:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 22:18 - 2015-07-02 19:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 22:18 - 2015-07-01 23:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 22:18 - 2015-07-01 22:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 22:18 - 2015-06-28 06:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 22:18 - 2015-06-28 06:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 22:18 - 2015-06-28 06:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 22:18 - 2015-06-28 06:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 22:18 - 2015-06-27 17:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 22:18 - 2015-06-27 04:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 22:18 - 2015-06-27 04:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 22:18 - 2015-06-27 04:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 22:18 - 2015-06-27 03:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-15 22:18 - 2015-06-27 03:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 22:18 - 2015-06-27 03:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 22:18 - 2015-06-27 02:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-15 22:18 - 2015-06-27 02:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 22:18 - 2015-06-15 23:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 22:18 - 2015-06-15 23:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 22:18 - 2015-06-15 23:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 22:18 - 2015-06-15 23:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 22:18 - 2015-06-15 23:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 22:18 - 2015-06-15 22:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 22:18 - 2015-06-15 22:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 22:18 - 2015-06-15 22:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-15 22:18 - 2015-06-15 22:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 22:18 - 2015-06-15 22:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 22:18 - 2015-06-15 22:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 22:18 - 2015-06-15 22:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 22:18 - 2015-06-15 22:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 22:18 - 2015-06-15 22:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 22:18 - 2015-06-15 21:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 22:18 - 2015-06-15 21:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 22:18 - 2015-06-15 21:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-15 22:18 - 2015-06-15 21:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 22:18 - 2015-06-15 21:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 22:18 - 2015-06-15 21:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 22:18 - 2015-06-15 21:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 22:18 - 2015-06-15 21:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-15 22:18 - 2015-06-15 21:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 22:18 - 2015-06-15 21:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 22:18 - 2015-06-15 20:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 22:18 - 2015-05-30 22:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-15 22:18 - 2015-05-30 20:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-15 22:18 - 2015-05-30 20:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-15 22:17 - 2015-06-16 06:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 22:17 - 2015-06-16 06:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 22:17 - 2015-06-15 23:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 22:17 - 2015-06-15 23:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-15 22:17 - 2015-06-15 22:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 22:17 - 2015-06-15 22:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 22:17 - 2015-06-15 22:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-15 22:17 - 2015-06-15 22:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 22:17 - 2015-06-15 22:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-15 22:17 - 2015-06-15 22:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-15 22:17 - 2015-06-15 22:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 22:17 - 2015-06-15 21:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 22:17 - 2015-06-15 21:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-15 22:17 - 2015-06-15 21:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-15 22:17 - 2015-06-15 21:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-15 22:17 - 2015-06-15 21:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 22:17 - 2015-06-11 04:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 22:17 - 2015-06-10 17:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 22:17 - 2015-05-07 17:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-15 19:38 - 2015-07-15 19:40 - 00000000 ____D C:\Users\gepuk2001\Documents\CyberLink
2015-07-15 19:09 - 2015-08-02 21:55 - 01511557 _____ C:\Windows\WindowsUpdate.log
2015-07-14 21:06 - 2015-07-14 21:06 - 00001516 _____ C:\Users\Public\Desktop\LibreOffice 4.4.lnk
2015-07-14 21:06 - 2015-07-14 21:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.4
2015-07-10 17:49 - 2015-08-02 03:14 - 00000000 ___HD C:\$Windows.~BT
Part two of Part One next Thanks, Gep
Part Three of internet Freezing
These are the Addition files. Files toooo Looooong so had to shorten them. Hope I have posted them in the correct forum???
Ran by gepuk2001 (2015-08-02 22:05:00)Running from C:\Users\DesktopBoot Mode: Normal
=======================================================
==================== Accounts: =============================
Administrator (S-1-5-21-568704525-757881285-3721914199-500 - Administrator - Disabled)
gepuk2001 (S-1-5-21-568704525-757881285-3721914199-1006 - Administrator - Enabled) => C:\Users
Guest (S-1-5-21-568704525-757881285-3721914199-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-568704525-757881285-3721914199-1003 - Limited - Enabled)
Pollyanna (S-1-5-21-568704525-757881285-3721914199-1005 - Limited - Enabled) => C:\Users\
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{77588F59-3C58-4675-8EEE-998E5BC33CF4}) (Version: 1.4 - Eyeo GmbH)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: - Broadcom Corporation)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.0.9840 - Broadcom Corporation)
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
center (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Cloud System Booster (HKLM-x32\...\Cloud System Booster) (Version: 3.5 - Anvisoft)
Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Media Suite 12 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 12.0 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink PhotoDirector 5 (Version: 5.0.5315.0 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3604 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.2930.0 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4.4223 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
essentials (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Evernote v. 5.8.4 (HKLM-x32\...\{C15841A6-C20A-11E4-977D-00163E98E7D6}) (Version: 5.8.4.6870 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C}) (Version: 2.20.31 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{082B1425-0F24-43FA-9B64-E8F617B0AD3B}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{C39A7F0F-89A6-44BB-B1BF-5F96569B5345}) (Version: 1.2.9 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{36F80C5F-DC0D-4DF4-AF09-DC1867F0EB0A}) (Version: 2.4.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.46.0 - HTC)
In the beginning was The Word (HKLM-x32\...\The Word) (Version: - )
Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{51AC86D3-C431-48AD-9195-0D6C930D07CD}) (Version: 4.2.41.2710 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - )
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kodak AIO Printer (Version: 7.8.1.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.8.5.2 - Eastman Kodak Company)
LibreOffice 4.4.4.3 (HKLM-x32\...\{5B6D82BB-CC1A-431E-8991-3E57855F99C5}) (Version: 4.4.4.3 - The Document Foundation)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
McAfee LiveSafe - Internet Security (HKLM-x32\...\MSC) (Version: 14.0.4113 - McAfee, Inc.)
McAfee SafeKey(uninstall only) (HKLM-x32\...\SafeKey) (Version: 2.2.3 - McAfee, Inc.)
Microsoft OneDrive (HKU\S-1-5-21-568704525-757881285-3721914199-1006\...\OneDriveSetup.exe) (Version: 17.3.5907.0716 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
MWSnap 3 (HKLM-x32\...\MWSnap 3) (Version: 3.0.0.74 - Mirek Wojtowicz)
MyDriveConnect 3.3.0.1812 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1812 - TomTom)
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKU\S-1-5-21-568704525-757881285-3721914199-1006\...\PrintProjects) (Version: 1.0.0.18702 - RocketLife Inc.)
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.40 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7358 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.20.9.4533 - Enigma Software Group, LLC)
SpywareBlaster 5.2 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.2.0 - BrightFort LLC)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.5.2 - Synaptics Incorporated)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Unchecky v0.3.8 (HKLM-x32\...\Unchecky) (Version: 0.3.8 - RaMMicHaeL)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App for HP (x32 Version: 4.0.11.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-568704525-757881285-3721914199-1006_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-568704525-757881285-3721914199-1006_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncApi64.dll (Microsoft Corporation)
============== Restore Points ========
24-06-2015 20:25:35 Windows Update
12-07-2015 16:36:45 Windows Update
14-07-2015 21:00:18 Installed LibreOffice 4.4.4.3
18-07-2015 07:27:54 Windows Modules Installer
22-07-2015 21:12:29 Windows Update
29-07-2015 23:26:31 Windows Update
02-08-2015 19:39:59 Installed Adblock Plus for IE (32-bit and 64-bit)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-03-06 10:58 - 2015-08-02 21:51 - 00001171 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com
There are 4 more lines.
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0D321FBB-3354-4E1F-BABC-AACEEAF151C4} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-568704525-757881285-3721914199-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {0F1F21CC-84D5-4C8A-8D8A-28BB045F5F4D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {16A68912-4326-4518-9C17-47C684C59EEF} - System32\Tasks\DeviceDetector7 => C:\Program Files (x86)\CyberLink\MediaEspresso7\DeviceDetector\DeviceDetector7.exe [2014-06-17] (CyberLink)
Task: {19C759D1-01D3-4667-AEF2-CC54BA2C83F3} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-568704525-757881285-3721914199-1006 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {1D3F4BD4-C41E-486D-A61C-001471C0A0D3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {248BC06A-13C4-446B-AB7B-9F74790BB01E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-07-07] (Hewlett-Packard)
Task: {3474FE21-33C8-4BA3-820D-5BE9550FE850} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-06-01] (McAfee, Inc.)
Task: {3F7619FD-68C9-4F9E-8B1B-BA192CC7B817} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {4443C5BF-4D1A-42BB-A57C-FD8B18A87CFE} - System32\Tasks\{B300B0ED-076E-4E9B-A9E7-E311C36D716F} => pcalua.exe -a C:\Users\gepuk2001\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=tugs
Task: {462DFE4F-9575-41E6-8B63-B1BF3C196E95} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-11-01] (Hewlett-Packard Development Company, L.P.)
Task: {5139358D-A155-4791-8D19-FD21DC427F07} - \LaunchSignup No Task File <==== ATTENTION
Task: {55C7FF4D-EDC7-4509-A5A1-8E86F4F4EDD8} - \DoctorPC_Start No Task File <==== ATTENTION
Task: {5C5107E4-C069-4A84-B25D-B4180BE3740F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {5CDDC8D4-1C60-4064-9236-B03D91DA3539} - System32\Tasks\KCBOPKG => C:\Users\gepuk2001\AppData\Roaming\KCBOPKG.exe <==== ATTENTION
Task: {6C65AE73-3F0A-4359-834F-BEBAD54D027F} - System32\Tasks\{4D73638D-F5E9-4479-BE25-E0015ACCEAD1} => pcalua.exe -a "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" -c scenario=Repair platform=x86 culture=en-us
Task: {6F3EA145-5BB0-4F7D-9809-6E84E936B018} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-15] (Google Inc.)
Task: {7A0BE80E-60F8-4D9F-A946-CB82469CA9F5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-07-07] (Hewlett-Packard)
Task: {7D2E03F5-C3ED-4A0B-A080-D7574DBCD094} - \DoctorPC_Popup No Task File <==== ATTENTION
Task: {81F557C5-7F50-4A8A-B0F9-A4DCED1B1D64} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8E48D8C8-9E98-456C-B3B9-9965D0AB77EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {98FD6E43-91B1-45EA-A350-B11E5ADA31D8} - System32\Tasks\HPCeeScheduleForgepuk2001 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {A1D99B44-581C-458D-B19A-A6FA0724EB3B} - System32\Tasks\Pokki => %LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe
Task: {A23724CA-AFC0-4573-ABEE-CB43B5D3491D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-15] (Google Inc.)
Task: {B658943C-F634-4913-AA5B-4FE39C605B58} - System32\Tasks\{952C1835-9AF7-4A50-A578-E8D4CAE747FD} => pcalua.exe -a "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" -c scenario=Repair platform=x86 culture=en-us
Task: {BA3B38AF-9E1F-465E-9804-F9B3E54F45EB} - System32\Tasks\CBDLOD => C:\Users\gepuk2001\AppData\Roaming\CBDLOD.exe <==== ATTENTION
Task: {BA8D2B23-455E-4F96-B5F0-60531B535DD3} - \Selection Tools Update No Task File <==== ATTENTION
Task: {CA1C4D29-03B5-41D4-A470-3F261FAFA68B} - System32\Tasks\{0B46FD3F-A685-495A-8847-E053FE68D97D} => pcalua.exe -a C:\Users\Graham\Downloads\FirmwareFlashLauncher.exe
Task: {CC62ED8E-5C12-4414-B708-CAD09BB57F4A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {CE2C7AA6-DDE0-482E-B2DB-DF987DA89578} - \Optimize Start Menu Cache Files-S-1-5-21-568704525-757881285-3721914199-1001 No Task File <==== ATTENTION
Task: {CE8D7732-10BC-48CA-9531-7BD03AEB9DD8} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-03-07] (CyberLink Corp.)
Task: {CEED0B2E-451E-4B16-969F-D0249A857355} - System32\Tasks\PrintProjects Communicator => C:\Users\gepuk2001\AppData\Roaming\PrintProjects\Communicator.exe [2011-06-16] ()
Task: {D2986061-14D7-49C1-917F-3F35C0C29F31} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {D3045CA2-FE90-4C31-B9DB-7B062034F6B9} - \Optimize Start Menu Cache Files-S-1-5-21-568704525-757881285-3721914199-500 No Task File <==== ATTENTION
Task: {D6873F18-08FA-4CF2-8138-D24ED55570A5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe
Task: {DBADF4AA-0304-43C8-8D20-BEA47259A211} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated)
Task: {E38ED54E-277C-4DA0-89DA-62F3605F7BF4} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {E970164E-4BF9-4287-AB89-2080943B619F} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {ED19CF83-B86D-4B6E-80D0-728B09980BB7} - \WindApp Update No Task File <==== ATTENTION
Task: {F67CB552-2581-48BE-AE22-813EDADD0D4C} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\platform\McUICnt.exe [2015-07-21] (McAfee, Inc.)
Task: {F82C1128-17DC-43A6-B410-87ACD289A069} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {FDA17E93-F431-4502-B5C6-46DFB1B2B8CE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CBDLOD.job => C:\Users\gepuk2001\AppData\Roaming\CBDLOD.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForgepuk2001.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\KCBOPKG.job => C:\Users\gepuk2001\AppData\Roaming\KCBOPKG.exe <==== ATTENTION
Task: C:\Windows\Tasks\PrintProjects Communicator.job => C:\Users\AppData\Roaming\PrintProjects\Communicator.exe
==================== Loaded Modules (Whitelisted) ============
2014-03-28 13:31 - 2014-03-28 13:31 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-28 13:27 - 2014-03-28 13:27 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-28 13:27 - 2014-03-28 13:27 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-28 13:27 - 2014-03-28 13:27 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-28 13:48 - 2014-03-28 13:48 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-28 13:48 - 2014-03-28 13:48 - 00712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2013-12-04 08:44 - 2013-12-04 08:44 - 00200168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-12-04 08:44 - 2013-12-04 08:44 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-12-04 08:44 - 2013-12-04 08:44 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-08-06 00:42 - 2012-04-25 03:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-05-06 00:21 - 2012-08-08 21:36 - 00390672 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-12-18 16:27 - 2014-12-18 16:27 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2014-03-28 13:36 - 2014-03-28 13:36 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2015-02-01 22:11 - 2015-02-01 22:11 - 00753184 _____ () C:\Users\gepuk2001\Desktop\My Documents\Set Up Programs 2\Adware-Removal-Tool-v3.9.1.exe
2014-12-18 16:25 - 2014-12-18 16:25 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-12-18 16:26 - 2014-12-18 16:26 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-12-18 16:26 - 2014-12-18 16:26 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-12-18 16:26 - 2014-12-18 16:26 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-12-18 16:26 - 2014-12-18 16:26 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-12-18 16:29 - 2014-12-18 16:29 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-12-18 16:31 - 2014-12-18 16:31 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2015-03-04 12:01 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-03-04 12:01 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-03-04 12:01 - 2014-05-13 13:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-03-04 12:01 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-03-04 12:01 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-05-06 00:10 - 2013-05-20 04:01 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go9\CLMediaLibrary.dll
2013-05-20 11:02 - 2013-05-20 11:02 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go9\CLMLSvcPS.dll
2014-08-06 00:01 - 2013-12-10 16:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
========= Alternate Data Streams (Whitelisted) =======
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\Users\OneDrive:ms-properties
AlternateDataStreams: C:\Users\OneDrive:ms-properties
AlternateDataStreams: C:\Users\OneDrive (2):ms-properties
AlternateDataStreams: C:\Users\OneDrive:ms-properties
==================== Safe Mode (Whitelisted) ======
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== EXE Association (Whitelisted) ===
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 12683 more restricted site====== Other Areas =============
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-568704525-757881285-3721914199-1006\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
DNS Servers: 194.168.4.100 - 194.168.8.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
========== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKU\S-1-5-21-568704525-757881285-3721914199-1006\...\StartupApproved\Run: => "Power2GoExpress9"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{DF364F15-28B7-426A-B5B3-674754654D45}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{852BEB40-C2F3-4B6E-B98E-C42BDBBEF436}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0A124D71-140C-4DCF-9745-262AD8A3D730}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E64A4F8B-575C-40D8-B8D6-AD18BEBDD5A8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4AC6D35F-EB3B-433F-BBCB-0132C6728FD2}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{43BE52D6-E506-4BD1-A912-60D0500CF06E}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{7D23D771-B00C-450E-87BA-668DFC33588F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{E16F53F4-82DA-4D36-9305-148DD751A352}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{20DCDE72-8FEB-47C7-9975-C49D572ED7E3}] => (Allow) LPort=2869
FirewallRules: [{42490414-9189-455E-876D-E1FA71737DAF}] => (Allow) LPort=1900
FirewallRules: [{0E3BE19A-D6D3-4029-A694-87791C3C8079}] => (Allow) C:\Users\Graham\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{1B34357E-C7D0-4A3A-B2E6-FFCD2ED1A427}] => (Allow) LPort=9322
FirewallRules: [{F8B3AD11-CF11-4AE3-B686-846D6089047B}] => (Allow) LPort=5353
FirewallRules: [{FCAB9EEC-5BE7-4ECB-A5EF-6739F6DF6C9C}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{D5C899B2-6EC3-4133-9AB2-08029DBB4319}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{EB740447-14AF-4192-9F47-A92A9DC8770F}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{56289851-6E23-41D1-96FB-ADBA3E849F35}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{44C94AEF-1EF4-4092-A9AA-3EA6B62383CD}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{72834C0A-A179-41C6-B0D1-568797DFEF1F}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{C252D4CD-D6B1-47B4-A5AD-3A97D9B65E73}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{29FAD7B0-CCD3-46A3-9F08-D7CBD854F34C}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{0198CEE6-7C8B-414E-A95A-328D8109B585}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{D7FFE34D-5FE7-426D-A586-3B805817617A}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{8A496229-D17D-432C-B0DB-A6FDAD1FBE59}] => (Allow) LPort=9322
FirewallRules: [{9607B1F7-BB8F-47FA-9E3D-CCCF426CB57C}] => (Allow) LPort=5353
FirewallRules: [{4B79E964-8CD3-48E5-949F-3542FF67422B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{1FAE4BD0-4407-4096-AA72-F03035A4A2E4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{809F9BCE-EBB0-4968-8031-8CB20FEB3BA4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{C9AE1900-13F8-4FA4-96D0-2D6DCF0B9954}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{BCE4A811-52AA-46FC-A13E-6CF4DDB4C2AD}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe
FirewallRules: [{D6B96201-6201-4D33-9E8B-59572BFF0793}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [TCP Query User{13F90676-5FFF-4DE4-B363-86517B929CBD}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{10BA5DD0-9723-40C5-899C-3E686DBB1B06}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{1A6C0FE4-9FCA-4EAD-AC3F-4561784F4F27}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{818E173F-A6B0-4F45-B6C7-26D35F41C188}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{C4D25FE9-EABA-4D94-A2A0-9941B0EA9D5A}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{22890385-A327-4F46-8FA0-B83E6550C507}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F3B85FB6-8FE4-4AB4-9144-837D853FAEAB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A5924857-CB08-48F7-A332-754565604BF8}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{3D72B8A7-3E31-43D9-88C6-1DEBCD629B35}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{E2A8C38F-5ACF-40BC-BBC3-05E680C0CDE0}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{9010748C-772E-432C-B27C-2B45BEFAECB9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{E80E2BF0-12DF-4592-9B23-866D8BD401F7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{28E76A85-3A05-405A-A9B8-7BDF9ABF67F3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{5ECD2C8C-C1A9-4D80-A3C5-02A89EF0D469}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{4FF5AF0B-D59D-4F2B-A863-4F21D4C887C7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{1B54BEF2-FCE1-4527-B37D-94D94E8F0120}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{D8198A06-E9BE-4EA4-9600-9FDEF67855A7}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{3710F170-5A1C-49E2-AA0E-250FEA171DF0}] => (Allow) C:\Users\gepuk2001\AppData\Local\Microsoft\OneDrive\OneDrive.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
