Jump to content

Change Mode

My computer is slow (Resolved)


Icedog101
 Share

Recommended Posts

Hi Juliet

 

I may not have been clear at the top. I have http://windows.micro...-readiness-tool on the desktop. When I downloaded it I transferred to the desktop. I clicked on it to install. After wards I let it install without using the computer for the duration of the installation, what do I have to do with it. Usually there is a shortcut to start after it is installed.

 

I did go to windows fix it and found one of the explanations to fix problems to fix install and uninstall IE. I did run it, at the end said that it is not capable of fixing. The information said that if it is not fixed some files are corrupted.

 

I did windows update and at the end fix installation could no be fixed.

Link to comment
Share on other sites

  • Replies 77
  • Created
  • Last Reply

Top Posters In This Topic

use these settings to have items downloaded to desktop

 

Also, to ensure downloads go to desktop:

 

For the latest version of Firefox

Look at the top of the web page, clcik on the 3 bar icon tool.(Don't know what you really call it looks like 3 skinny lines)

At the top click on the General tab

scroll to the Downloads indicator, then check the box for "Save files to", here you can choose where to save. I use Desktop because it's the easiest to find things later.

 

 

For older versions of Firefox:

you press the orange Firefox button in the top left corner >> Options

Beneath where it shows homepage, click on save files to desktop

 

Chrome --

Press the Customize and Control Google button (three horizontal lines in top right corner of screen) >> Settings >> Show Advanced Settings >> Downloads, Download location, click on save to desktop

 

 

Prerequisite updates for Internet Explorer 11

http://support.microsoft.com/kb/2847882

 

please check your installed updates history, in the above link there are updates listed as prerequisites that should be in place before proceeding.

Edited by Juliet
typo
Link to comment
Share on other sites

Hi Juliet

 

I have the settings and when I download any thing, what I do is redirect to what folder I need it to be. There is an arrow downloading movement showing that is downloading or stooped , and I go there and move it to desktop if i need it there. I have all downloads directed to the download folder.

 

I have per-requisists for IE11. I have sp1, I have enough space.

 

I did installed http://windows.micro...-readiness-tool and I don`t what to do after. It installed and usually leaves an icon on the desktop to run, nut this program or fix did not leave an icon that I can see, or if it is supposed to leave one. This program is 500 and some MB`s, and I think this is to fix or to help run some part of windows to make it run better.

 

I know this systems sometimes are difficult to diagnostic because of so many conflicts.

Help is always welcome, and I always appreciate you effort.

Link to comment
Share on other sites

From what I read :

 

To install the program immediately, click Open or Run, and then follow the instructions on your screen.

After the tool install, then try the update again.

 

Windows Update Standalone Installer

http://support.microsoft.com/kb/947821

the above offers more information.

 

Other then the IE 11 update problem, how is your computer running at the moment?

Link to comment
Share on other sites

Hi Juliet

 

My system sometimes runs better and sometimes looks like is not. Sometimes when I am writing I can see that the letters are slow to come. At one time to my e-mail and when I want to empty or block, does not happen. I started to write this and your name started to appear when I finished.

 

My computer is a Samsung and I went to Samsun Recovery Solution. I found there are 3 solutions.

 

Basic restore, quickly restores only the major windows files while keeping personal data on windows drive safe.

If I go with it maybe does the job. Sometimes I am afraid of screwing it more.

 

 

Complete restore: overwrites the entire windows drive with backup image to restore the computer.

 

I wonder if I do the basic, maybe the files that are corrupted will be repaired.

 

I think it is running better than before and I am going to be looking to see what can I find more.

 

I am sorry that I am keeping you this long. I wished this was less troublesome than it was been.

Link to comment
Share on other sites

Was there a back ground antivirus scan running or was it possibly updating?

When this slowness occurs, open task manager and look for the item using the most CPU.

 

I think if you try Basic restore you would see an improvement.

 

If you would please, run this quick scan.

 

Please download RogueKiller and save it to your desktop.

 

You can check here if you're not sure if your computer is 32-bit or 64-bit

  • RogueKiller 32-bit | RogueKiller 64-bit
  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista,Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User Licene Agreement)
  • Click Scan to scan the system.
  • When the scan completes Close the program > Don't Fix anything!
  • Don't run any other options, they're not all bad!!
  • Post back the report which should be located on your desktop.
Link to comment
Share on other sites

Hi Juliet

 

I did a basic restore, and I did not have had time to test or to see if my system is better. I will be trying and observe is it helped.

 

I did install RogueKiller 64-bit and after did a scan, I have it bellow.

 

RKreport_SCN_06192014_224123:

 

RogueKiller V9.0.3.0 (x64) [Jun 17 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : John [Admin rights]
Mode : Scan -- Date : 06/19/2014 22:41:23

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 11 ¤¤¤
[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SBIOSIO -> FOUND
[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SBIOSIO -> FOUND
[suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SBIOSIO -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-839072158-3120938179-813264055-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowSetProgramAccessAndDefaults : 0 -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-839072158-3120938179-813264055-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowPrinters : 0 -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-839072158-3120938179-813264055-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowSetProgramAccessAndDefaults : 0 -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-839072158-3120938179-813264055-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowPrinters : 0 -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND

¤¤¤ Scheduled tasks : 17 ¤¤¤
[suspicious.Path] \\{001D1EF7-BA0E-4900-82D0-37F29018CDFC} -- C:\windows\system32\pcalua.exe (-a C:\Users\John\Downloads\Adobe_Air_v3.9.exe -d C:\Users\John\Downloads) -> FOUND
[suspicious.Path] \\{0846B95F-7412-4F47-ABEB-38DA3184288E} -- C:\Users\John\Desktop\SecureII\SecureII.exe -> FOUND
[suspicious.Path] \\{103F8BB8-773A-4528-8AD9-EA196D1C61F1} -- C:\Users\John\Desktop\Windows\SecureII.exe -> FOUND
[suspicious.Path] \\{3267B28D-CAF8-43EC-AEDE-FE2FB4784056} -- C:\windows\system32\pcalua.exe (-a C:\Users\John\Downloads\B2CAppSetup.exe -d C:\Users\John\Downloads) -> FOUND
[suspicious.Path] \\{33677B8E-6707-4892-8FF4-5477463B370B} -- C:\windows\system32\pcalua.exe (-a C:\Users\John\AppData\Local\Temp\{DFDCE4B6-3F34-4537-83EB-EAAB1F23AB06}\adobeshockwavextrabundle.exe -d "C:\Program Files (x86)\Mozilla Firefox" -c /xtrabundle=FontXtra) -> FOUND
[suspicious.Path] \\{387AED43-AA15-4055-80B9-3FC4893B7471} -- C:\Users\John\Desktop\SecureII.exe -> FOUND
[suspicious.Path] \\{38D15D3D-82BC-4C24-87A1-BD1A6C74B2AC} -- C:\windows\system32\pcalua.exe (-a C:\Users\John\Downloads\Flash_Disinfector.exe -d C:\Users\John\Downloads) -> FOUND
[suspicious.Path] \\{4D783538-5DC1-429F-AB5E-296435211A3A} -- C:\windows\system32\pcalua.exe (-a C:\Users\John\Downloads\MapSource_6163.exe -d C:\Users\John\Downloads) -> FOUND
[suspicious.Path] \\{7E3905D1-AC05-4966-B282-EF122144DD09} -- C:\windows\system32\pcalua.exe (-a C:\Users\John\Downloads\Windows_Live_Messenger_v2012.exe -d C:\Users\John\Downloads) -> FOUND
[suspicious.Path] \\{818796BF-4220-4105-ACD9-CF5A4ED80FE7} -- C:\windows\system32\pcalua.exe (-a C:\Users\John\Desktop\B2CAppSetup.exe -d C:\Users\John\Desktop) -> FOUND
[suspicious.Path] \\{A585B692-133A-4A27-82D0-7D2284063CDB} -- C:\Users\John\Desktop\SecureII.exe -> FOUND
[suspicious.Path] \\{A9EB95FD-2BA5-44AA-85AF-D1E96728E17B} -- C:\windows\system32\pcalua.exe (-a C:\Users\John\Downloads\HijackThis.exe -d C:\Users\John\Desktop) -> FOUND
[suspicious.Path] \\{ABBCBEF8-FB2B-4434-88E9-B73CC69ABC81} -- C:\windows\system32\pcalua.exe (-a C:\Users\John\Desktop\esetsmartinstaller_enu.exe -d C:\Users\John\Desktop) -> FOUND
[suspicious.Path] \\{B8B9F275-09DD-4E02-8206-F3A4FE92F972} -- C:\windows\system32\pcalua.exe (-a C:\Users\John\Downloads\startuplite-setup-1.07.exe -d C:\Users\John\Downloads) -> FOUND
[suspicious.Path] \\{CD2E07DE-FA12-4BF2-B375-79B0046D61A1} -- C:\Users\John\Desktop\SecureII\SecureII.exe -> FOUND
[suspicious.Path] \\{E644A14C-1812-4F03-88EF-5DE33B2BB97B} -- C:\windows\system32\pcalua.exe (-a C:\Users\John\Downloads\Setup.exe -d C:\Users\John\Downloads) -> FOUND
[suspicious.Path] \\{F27E3C98-BE24-46BB-B547-7DD21188F058} -- C:\windows\system32\pcalua.exe (-a "C:\Users\John\Downloads\Registery erunt-setup.exe" -d C:\Users\John\Downloads) -> FOUND

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 1 ¤¤¤
[C:\windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HM641JI SATA Disk Device +++++
--- User ---
[MBR] cb544cc2af934e16f6200595a8aa7a51
[bSP] e0c67146b8527e1472924719aa6c10ce : Kiwi MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 236544 MB
2 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 484648960 | Size: 353765 MB
3 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 1209159680 | Size: 20070 MB
User = LL1 ... OK
User = LL2 ... OK

Link to comment
Share on other sites

Sorry for the delay, wow what a day!

 

From the above scan, the only thing I didn't like was

[suspicious.Path] \\{33677B8E-6707-4892-8FF4-5477463B370B} -- C:\windows\system32\pcalua.exe (-a C:\Users\John\AppData\Local\Temp\{DFDCE4B6-3F34-4537-83EB-EAAB1F23AB06}\adobeshockwavextrabundle.exe -d "C:\Program Files (x86)\Mozilla Firefox" -c /xtrabundle=FontXtra) -> FOUND

This is little extras that came in from adobe, and their located in a temp file. This you can do without.

The other finds are not troublesome.

 

Run RogueKiller again and click Scan

When the scan completes > click on the Registry tab

Put a check next to all of these and uncheck the rest: (if found)

[suspicious.Path] \\{33677B8E-6707-4892-8FF4-5477463B370B} -- C:\windows\system32\pcalua.exe (-a C:\Users\John\AppData\Local\Temp\{DFDCE4B6-3F34-4537-83EB-EAAB1F23AB06}\adobeshockwavextrabundle.exe -d "C:\Program Files (x86)\Mozilla Firefox" -c /xtrabundle=FontXtra) -> FOUND

Now click Delete on the right hand column under Options

 

***********************

I did see reference to a USB flash drive cleaner Flash_Disinfector.exe, it's ok to have this but it is outdated.

I would recommend one that is used and updated more frequently to handle todays USB infections.

 

 

If you use a USB drive to back up the files, here is a program that you can install after you have restored Windows. It will also scan any USB plugged into the computer.

 

Mcshield USB Protection

 

You should always press and hold the Shift key anytime you insert a Flash drive into any computer. That will disable the autorun feature.

 

Download Mc2Shield USB Protection Software and save it to your desktop.

  • Double click the McShield-Setup.exe file to start the installation and install with Default settings.
  • Right click the McShield-Setup.exe file and click Run as Administrator and OK any UAC prompts to start the installation and install with the Default settings
  • In the control center, select the Scanner tab and check Always unhide items on flash drives

     

    mcshield%20unhide.JPG

Anytime you plug in a USB drive, McShield will scan the device.

 

A log will also be generated that you will find in the path below:

Start > all programs > MCShield > logs > all scans

 

You can download the program documentation on the same page. Just click the down arrow beside the language of your choice.

 

 

Have you used the computer much today?

What issues do you see?

Link to comment
Share on other sites

Hi Juliet

 

I understand when you can not answer rightaway, I know you have others to help. You don`t have to be sorry for the delay.

 

I have been working the system and sometimes is a bit slow. Sometimes it is slow scrolling down.

 

The quote you told me I can see that when I follow the link, but when I do the scan with RogueKiller and go to registry ,I can not find that file or the others.

Link to comment
Share on other sites

The file in question was found in a temp folder.

We can do this:

 

Download TFC from here http://oldtimer.geekstogo.com/TFC.exe

and save it to your desktop.

 

Close any open programs and Internet browsers.

Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.

Please be patient as clearing out temp files may take a while.

Once it completes you may be prompted to restart your computer, please do so.

Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

 

~~~~~~~~~~~~~~~~~~~

 

Since you did a Basic restore let's download and run a tool again so that I can check for left overs, if any.

 

Please download Farbar Recovery Scan Tool

http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/

(use correct version for your system.....Which system am I using?)

and Tutorial http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

 

 

 

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
Link to comment
Share on other sites

Hi Juliet

 

I am grateful for your continuous help.

 

In the last 2 weeks has been a hard for me. My wife was in the hospital. This week has been in pain with the kidney stones, tomorrow has an appointment to have testes done. On Thursday, she is going to be admitted to hospital for surgery to remove the stones and see if any still not discovered.

 

I did some searches .but I am with the same problem. Sometimes I have to wait for the writing. what happens is the plugin stopped working in a window, I press stop plugin and the window disappears the system continues.

 

I did scan what you told me.

 

FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2014
Ran by John (administrator) on JOHN-PC on 24-06-2014 13:20:40
Running from C:\Users\John\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe
() C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 1999-12-31] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2013-06-07] (CyberLink)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5563760 2014-06-02] (Western Digital Technologies, Inc.)
HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [122200 2014-06-09] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-839072158-3120938179-813264055-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD)
HKU\S-1-5-21-839072158-3120938179-813264055-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-839072158-3120938179-813264055-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-06-16] (Glarysoft Ltd)
HKU\S-1-5-21-839072158-3120938179-813264055-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [1128000 2014-06-03] (BillP Studios)
HKU\S-1-5-21-839072158-3120938179-813264055-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
BootExecute: autocheck autochk * BootDefrag.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=U219DHP&pc=U219
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {c1d89ae7-449d-4929-b24b-fded04adbe06}
SearchScopes: HKLM-x32 - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = http://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
SearchScopes: HKCU - Backup.Old.DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/betapit/PCPitStop.CAB
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: intu-tt2013 - {9FF5EC07-1645-43BF-828F-C73CFA7BC1AF} - C:\Program Files (x86)\TurboTax 2013\ic2013pp.dll (Intuit Canada, a general partnership/une société en nom collectif.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{F8BCFB85-77AD-4FB6-8817-47080EE4DC69}: [NameServer]192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\2d837ppg.default-1395243719434
FF SelectedSearchEngine: Google
FF Homepage: msn.ca
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\John\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\John\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\John\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\John\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\John\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\John\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\John\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\John\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Canadian English Dictionary - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\2d837ppg.default-1395243719434\Extensions\en-CA@dictionaries.addons.mozilla.org [2014-05-17]
FF Extension: 365Scores Notifier - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\2d837ppg.default-1395243719434\Extensions\Firefox@365scores.com [2014-05-18]
FF Extension: Corretor para Português de Portugal - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\2d837ppg.default-1395243719434\Extensions\pt-PT@dictionaries.addons.mozilla.org [2014-05-16]
FF Extension: WOT - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\2d837ppg.default-1395243719434\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-05-16]
FF Extension: AutoTradutor - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\2d837ppg.default-1395243719434\Extensions\jid0-Re15rJGCtDTAeh3coeID4VTYl18@jetpack.xpi [2014-05-16]
FF Extension: Pin It button - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\2d837ppg.default-1395243719434\Extensions\pinterest@robertnyman.com.xpi [2014-05-16]
FF Extension: Priberam - Lingua Portuguesa On-Line. - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\2d837ppg.default-1395243719434\Extensions\priberam@coelhonarede.com.xpi [2014-05-16]
FF Extension: Flagfox - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\2d837ppg.default-1395243719434\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-05-16]
FF Extension: abcTajpu - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\2d837ppg.default-1395243719434\Extensions\{15a7ef52-8a77-426e-9e17-e21af257d7c8}.xpi [2014-05-16]
FF Extension: FootieFox - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\2d837ppg.default-1395243719434\Extensions\{9fb7d178-155a-4318-9173-1a8eaaea7fe4}.xpi [2014-06-03]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Users\John\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: hxxp://msn.ca/
CHR StartupUrls: "hxxp://msn.ca/", "hxxp://msn.pt/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\John\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\John\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\John\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (Veetle TV Player) - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Plugin: (Veetle TV Core) - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealDownloader Plugin) - C:\Users\John\RealDownloader\BrowserPlugins\npdlplugin.dll No File
CHR Plugin: (Shockwave for Director) - C:\windows\SysWOW64\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.16) - C:\windows\SysWOW64\npDeployJava1.dll No File
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (Special Characters - Click and Paste) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkjbliednplpohojfpgnbpcppgdnhklb [2014-05-23]
CHR Extension: (AdBlock) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-15]
CHR Extension: (Pin It Button) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2014-05-26]
CHR Extension: (Portuguese Dictionary) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkjekdadnmabagedanjdjfpmjpoglapb [2014-02-16]
CHR Extension: (Spell Checker for Chrome) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpdnkkdgghlpdgldicfgnnnkhdfhocg [2014-05-18]
CHR Extension: (Shareaholic for Pinterest) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc [2014-05-18]
CHR Extension: (Skype Click to Call) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-20]
CHR Extension: (Google Wallet) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
CHR Extension: (365Scores - Live Scores,Sports News & Alerts) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpppefjehmjbiplimkfjeamnohldmko [2014-05-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-07-15] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-07-15] (Atheros Commnucations) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [435032 2014-06-09] (Garmin Ltd or its subsidiaries)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed]
R2 SamsungDeviceConfigurationWinService; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [31624 2012-02-13] () [File not signed]
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-06-02] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-06-02] (Western Digital Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2011-03-01] (Microsoft Corporation)
S4 avgtp; C:\windows\system32\drivers\avgtpx64.sys [50976 2014-03-10] (AVG Technologies)
S4 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-06-16] (Glarysoft Ltd)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2011-11-04] (www.winchiphead.com)
S4 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20672 2014-05-16] (Glarysoft Ltd)
S2 LxrSII1d; C:\windows\SysWOW64\Drivers\LxrSII1d.sys [70016 2005-05-19] () [File not signed]
R2 mbamchameleon; C:\windows\system32\drivers\mbamchameleon.sys [91352 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-04-14] (Windows ® 2003 DDK 3790 provider)
R1 SafDskNT; C:\windows\system32\drivers\SAFDSKNT.SYS [76112 2009-12-07] (PC Dynamics, Inc.)
R2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [40712 2012-11-01] (Anchorfree Inc.)
S3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2013-05-28] (Spotflux, Inc.)
S0 70844403; system32\drivers\77897873.sys [X]
S3 DCamUSBSTK02N; system32\DRIVERS\STK02NW2.sys [X]
S3 SBIOSIO; \??\C:\Users\John\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X]
S0 xbrmb; System32\drivers\bger.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-24 13:20 - 2014-06-24 13:21 - 00027514 _____ () C:\Users\John\Desktop\FRST.txt
2014-06-24 13:13 - 2014-06-24 13:13 - 02082816 _____ (Farbar) C:\Users\John\Desktop\FRST64.exe
2014-06-24 12:19 - 2014-06-24 12:19 - 19168944 _____ (Adobe Systems Incorporated) C:\Users\John\Downloads\install_flash_player.exe
2014-06-24 11:53 - 2014-06-24 11:53 - 00323720 _____ (AnyAppSnow) C:\Users\John\Downloads\Download.exe
2014-06-23 14:39 - 2014-06-23 14:39 - 00007550 _____ () C:\Users\John\Desktop\The Florida Keys.csv
2014-06-23 14:34 - 2014-06-23 14:34 - 00006362 _____ () C:\Users\John\Desktop\Tampa_Bay_Attractions.csv
2014-06-23 14:32 - 2014-06-23 14:32 - 00241354 _____ () C:\Users\John\Downloads\Pets_Welcome_SE_revF.csv
2014-06-23 14:31 - 2014-06-23 14:31 - 00049441 _____ () C:\Users\John\Downloads\Drive-In Theaters.csv
2014-06-23 14:30 - 2014-06-23 14:30 - 00000893 _____ () C:\Users\John\Downloads\Canadian GPS Stores.csv
2014-06-23 14:29 - 2014-06-23 14:29 - 00037071 _____ () C:\Users\John\Desktop\AutoRepair.csv
2014-06-23 14:29 - 2014-06-23 14:29 - 00001422 _____ () C:\Users\John\Desktop\Auto Repair.BMP
2014-06-23 14:28 - 2014-06-23 14:28 - 00003384 _____ () C:\Users\John\Desktop\applebees_tourguide.bmp
2014-06-23 14:26 - 2014-06-23 14:26 - 00198063 _____ () C:\Users\John\Desktop\Applebees-USA.csv
2014-06-23 13:27 - 2014-06-23 13:27 - 00001036 _____ () C:\Users\Public\Desktop\MCShield Real-Time Monitor.lnk
2014-06-23 13:26 - 2014-06-24 11:26 - 00000000 ____D () C:\ProgramData\MCShield
2014-06-23 13:26 - 2014-06-23 13:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2014-06-23 13:26 - 2014-06-23 13:26 - 00000000 ____D () C:\Program Files (x86)\MCShield
2014-06-22 16:21 - 2014-06-22 16:21 - 00000000 ___RD () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-06-22 15:28 - 2014-06-22 15:28 - 00347816 _____ (Microsoft Corporation) C:\Users\John\Downloads\MicrosoftFixit.Skype.RNP.9326895834221759.4.1.Run.exe
2014-06-22 14:13 - 2014-06-22 14:38 - 00000000 ____D () C:\Users\John\Downloads\USB cleaner
2014-06-22 13:40 - 2014-06-22 13:41 - 00000000 ____D () C:\Users\John\AppData\Roaming\ZoomBrowser EX
2014-06-20 22:29 - 2014-06-20 22:29 - 00000000 ____D () C:\Users\John\AppData\Local\AMD
2014-06-20 03:38 - 2011-12-22 14:49 - 00267776 _____ (Microsoft Corporation) C:\windows\system32\ieaksie.dll
2014-06-20 03:38 - 2011-12-22 14:49 - 00227840 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieaksie.dll
2014-06-20 03:38 - 2011-12-22 14:49 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieakui.dll
2014-06-20 03:38 - 2011-12-22 14:49 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\ieakui.dll
2014-06-20 03:38 - 2011-12-22 14:49 - 00160256 _____ (Microsoft Corporation) C:\windows\system32\ieakeng.dll
2014-06-20 03:38 - 2011-12-22 14:49 - 00130560 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieakeng.dll
2014-06-20 03:38 - 2011-12-22 14:49 - 00114176 _____ (Microsoft Corporation) C:\windows\system32\admparse.dll
2014-06-20 03:38 - 2011-12-22 14:49 - 00101888 _____ (Microsoft Corporation) C:\windows\SysWOW64\admparse.dll
2014-06-20 03:38 - 2011-12-22 14:49 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\ie4uinit.exe
2014-06-20 03:38 - 2011-10-12 03:53 - 07124304 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc100ud.dll
2014-06-20 03:38 - 2011-10-12 03:53 - 07055696 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc100d.dll
2014-06-20 03:38 - 2011-10-12 03:53 - 01505104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr100d.dll
2014-06-20 03:38 - 2011-10-12 03:53 - 00743760 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp100d.dll
2014-06-20 03:38 - 2011-10-12 03:53 - 00105296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcm100ud.dll
2014-06-20 03:38 - 2011-10-12 03:53 - 00103760 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcm100d.dll
2014-06-20 03:38 - 2011-08-04 02:12 - 00093288 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoInst64.dll
2014-06-20 03:38 - 2011-07-27 11:55 - 02604376 _____ (Waves Audio Ltd.) C:\windows\system32\WavesGUILib.dll
2014-06-20 03:38 - 2011-07-27 11:55 - 02132824 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioEQ.dll
2014-06-20 03:38 - 2011-06-27 01:45 - 03768152 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioRealtek.dll
2014-06-20 03:38 - 2010-11-20 23:24 - 00158720 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll
2014-06-20 03:38 - 2010-11-20 23:23 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2014-06-20 03:38 - 2009-06-10 16:45 - 00000003 _____ () C:\windows\system32\Drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
2014-06-19 23:11 - 2014-06-19 23:12 - 16867056 _____ (Innovative Solutions ) C:\Users\John\Downloads\Advanced_Uninstaller11_40_CNet.exe
2014-06-19 23:10 - 2014-06-19 23:10 - 00929416 _____ (CNET Download.com) C:\Users\John\Downloads\cbsidlm-cbsi188-Advanced_Uninstaller_Pro-ORG-10069986.exe
2014-06-19 22:23 - 2014-06-19 22:23 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-19 21:50 - 2013-12-09 22:28 - 00610304 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-06-19 21:50 - 2013-12-09 22:02 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-06-18 22:20 - 2014-06-18 22:20 - 06010880 _____ () C:\Program Files (x86)\GUTA1E4.tmp
2014-06-18 22:20 - 2014-06-18 22:20 - 00000000 ____D () C:\Program Files (x86)\GUMA1E3.tmp
2014-06-18 17:00 - 2014-06-16 03:27 - 00017600 _____ (Glarysoft Ltd) C:\windows\system32\Drivers\BootDefragDriver.sys
2014-06-18 16:59 - 2014-06-18 16:59 - 13744328 _____ () C:\Users\John\Downloads\Glary_Utilities_v5.2.0.5.exe
2014-06-17 23:26 - 2014-06-17 23:26 - 13829304 _____ (Microsoft Corporation) C:\Users\John\Downloads\mseinstall.exe
2014-06-17 21:52 - 2014-06-22 16:19 - 00008192 _____ () C:\windows\SysWOW64\WDPABKP.dat
2014-06-16 22:20 - 2014-06-16 22:20 - 00347816 _____ (Microsoft Corporation) C:\Users\John\Downloads\MicrosoftFixit.malware.RNP.132640186746151.6.1.Run.exe
2014-06-16 22:18 - 2014-06-16 22:18 - 00347816 _____ (Microsoft Corporation) C:\Users\John\Downloads\MicrosoftFixit.WindowsFirewall.RNP.132640186746151.5.1.Run.exe
2014-06-16 11:23 - 2014-06-16 11:24 - 00347816 _____ (Microsoft Corporation) C:\Users\John\Downloads\MicrosoftFixit.Performance.RNP.150326362959254402.2.1.Run.exe
2014-06-16 10:26 - 2014-06-16 10:26 - 00013832 _____ () C:\Users\John\Documents\cc_20140616_102624.reg
2014-06-15 22:38 - 2014-06-15 22:38 - 00009548 _____ () C:\Users\John\Documents\cc_20140615_223848.reg
2014-06-15 21:55 - 2014-06-15 21:56 - 00347816 _____ (Microsoft Corporation) C:\Users\John\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.1326313727116143.3.1.Run.exe
2014-06-15 21:26 - 2014-06-15 21:26 - 00985600 _____ () C:\Users\John\Downloads\MicrosoftFixit50123(2).msi
2014-06-15 21:22 - 2014-06-15 21:22 - 00280204 _____ () C:\Users\John\Downloads\WindowsUpdateDiagnostic.diagcab
2014-06-15 15:03 - 2014-06-15 15:03 - 00985600 _____ () C:\Users\John\Downloads\MicrosoftFixit50123.msi
2014-06-15 14:48 - 2014-06-15 14:48 - 00347816 _____ (Microsoft Corporation) C:\Users\John\Downloads\MicrosoftFixit.IEPerformance.RNP.3232628869335448.7.1.Run.exe
2014-06-15 13:35 - 2014-06-15 13:35 - 00000000 ____D () C:\windows\AxInstSV
2014-06-15 12:48 - 2014-06-15 14:35 - 00000134 _____ () C:\Users\John\Desktop\Internet Explorer Troubleshooting.url
2014-06-15 12:44 - 2014-06-15 12:45 - 55915216 _____ (Microsoft Corporation) C:\Users\John\Downloads\IE11-Windows6.1-x64-en-us.exe
2014-06-14 22:41 - 2014-06-14 22:41 - 00347816 _____ (Microsoft Corporation) C:\Users\John\Downloads\MicrosoftFixit.wu.LB.9326229984168433.1.1.Run.exe
2014-06-14 21:54 - 2014-06-24 13:09 - 01861763 _____ () C:\windows\WindowsUpdate.log
2014-06-14 21:53 - 2014-06-14 21:53 - 00000722 _____ () C:\Users\John\Documents\cc_20140614_215317.reg
2014-06-14 21:24 - 2014-06-14 21:24 - 00001886 _____ () C:\Users\John\Documents\cc_20140614_212439.reg
2014-06-14 21:23 - 2013-09-02 03:58 - 00175528 _____ (Trend Micro Inc.) C:\windows\system32\Drivers\tmcomm.sys
2014-06-14 17:56 - 2014-06-14 17:56 - 00002215 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-14 09:53 - 2014-06-14 09:53 - 00010850 _____ () C:\Users\John\Documents\cc_20140614_095310.reg
2014-06-12 16:34 - 2014-06-12 16:34 - 00000000 ____D () C:\windows\system32\nn-NO
2014-06-12 16:34 - 2014-06-12 16:34 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-06-12 16:34 - 2011-08-09 18:46 - 00443040 _____ (Atheros) C:\windows\system32\athihvs.dll
2014-06-12 16:34 - 2011-08-09 18:46 - 00063648 _____ (Atheros) C:\windows\system32\athihvui.dll
2014-06-12 15:46 - 2014-06-12 16:09 - 00000184 _____ () C:\setup.log
2014-06-12 11:33 - 2014-06-12 11:33 - 00001848 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-06-11 22:13 - 2014-06-11 22:13 - 00001029 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2014-06-11 18:04 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2014-06-11 18:04 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2014-06-11 18:04 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-11 18:04 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 18:04 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-06-11 18:04 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-06-11 18:04 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-06-11 18:04 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-06-11 18:04 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2014-06-11 18:04 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-06-11 18:04 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2014-06-11 18:04 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-06-11 17:40 - 2014-05-08 05:32 - 03178496 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-06-11 17:40 - 2014-05-08 05:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 17:39 - 2014-06-08 05:13 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-11 17:39 - 2014-06-08 05:08 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-11 16:54 - 2014-06-11 16:55 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-11 16:54 - 2014-06-11 16:54 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-06-11 16:54 - 2014-06-11 16:54 - 00000000 ____D () C:\ProgramData\Skype
2014-06-11 16:54 - 2014-06-11 16:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-11 15:55 - 2014-06-24 13:21 - 00000000 ____D () C:\Users\John\Desktop\repair 3
2014-06-10 16:35 - 2014-06-22 15:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-10 13:55 - 2014-06-10 13:55 - 00022290 _____ () C:\Users\John\Documents\cc_20140610_135532.reg
2014-06-10 00:04 - 2014-06-18 23:18 - 00164800 _____ () C:\Users\John\Desktop\Redlight-Cameras.csv
2014-06-09 21:52 - 2014-06-09 21:52 - 00000207 _____ () C:\windows\tweaking.com-regbackup-JOHN-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-06-09 21:51 - 2014-06-09 21:51 - 00000000 ____D () C:\RegBackup
2014-06-09 21:33 - 2014-06-09 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-06-09 21:07 - 2014-06-09 21:07 - 00000000 ____D () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-06-09 21:06 - 2014-06-09 21:06 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-06-09 15:19 - 2014-06-09 15:19 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-09 00:22 - 2014-06-09 00:22 - 00046980 _____ () C:\Users\John\Desktop\combo fix.txt
2014-06-09 00:21 - 2014-06-09 00:21 - 00046980 _____ () C:\ComboFix.txt
2014-06-08 23:42 - 2014-06-09 00:21 - 00000000 ____D () C:\Qoobox
2014-06-08 23:42 - 2011-06-26 02:45 - 00256000 _____ () C:\windows\PEV.exe
2014-06-08 23:42 - 2010-11-07 13:20 - 00208896 _____ () C:\windows\MBR.exe
2014-06-08 23:42 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-06-08 23:42 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-06-08 23:42 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-06-08 23:42 - 2000-08-30 20:00 - 00098816 _____ () C:\windows\sed.exe
2014-06-08 23:42 - 2000-08-30 20:00 - 00080412 _____ () C:\windows\grep.exe
2014-06-08 23:42 - 2000-08-30 20:00 - 00068096 _____ () C:\windows\zip.exe
2014-06-08 23:38 - 2014-06-08 23:38 - 00003338 _____ () C:\Users\John\Desktop\info net problems.txt
2014-06-08 23:27 - 2014-06-08 23:27 - 00000316 _____ () C:\Users\John\Desktop\unisntall combo fix.txt
2014-06-08 23:05 - 2014-06-08 23:06 - 05205146 ____R (Swearware) C:\Users\John\Desktop\ComboFix.exe
2014-06-07 10:35 - 2014-06-07 10:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-07 10:35 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-07 10:35 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-06-07 10:35 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-06-07 10:35 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-06-07 10:34 - 2014-06-07 10:35 - 00004341 _____ () C:\windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-07 10:33 - 2014-06-07 10:33 - 00918952 _____ (Oracle Corporation) C:\Users\John\Downloads\jxpiinstall.exe
2014-06-07 01:11 - 2014-06-07 01:11 - 01045896 _____ (AB Media ) C:\Users\John\Downloads\EasyToolbarRemover.exe
2014-06-07 01:03 - 2014-06-07 01:03 - 00006674 _____ () C:\Users\John\Documents\cc_20140607_010348.reg
2014-06-06 13:12 - 2014-06-06 13:12 - 00001124 _____ () C:\Users\John\Desktop\Ipod Music - Shortcut.lnk
2014-06-06 11:44 - 2014-06-06 11:45 - 00000000 ____D () C:\Users\John\Desktop\Florida Vacation 2014
2014-06-06 11:11 - 2014-06-09 15:11 - 00000000 ____D () C:\Users\John\Desktop\Repair 2
2014-06-06 10:47 - 2014-06-18 16:55 - 00000388 _____ () C:\BackupLoader.ini
2014-06-05 10:51 - 2014-06-05 10:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-05 10:48 - 2014-06-05 10:50 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-05 10:48 - 2014-06-05 10:50 - 00000000 ____D () C:\Program Files\iTunes
2014-06-05 10:48 - 2014-06-05 10:48 - 00000000 ____D () C:\Program Files\iPod
2014-06-04 20:50 - 1999-12-31 20:00 - 00685160 _____ (Realtek ) C:\windows\system32\Drivers\Rt64win7.sys
2014-06-04 20:50 - 1999-12-31 20:00 - 00074344 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RtNicProp64.dll
2014-06-04 19:30 - 2014-06-04 19:30 - 02002080 _____ (PC Drivers HeadQuarters) C:\Users\John\Downloads\DriverDetective.exe
2014-06-04 16:27 - 2014-06-04 16:28 - 02712872 _____ () C:\Users\John\Downloads\spotflux-2.10.7-97.exe
2014-06-04 10:34 - 2014-06-18 17:00 - 00001040 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-06-03 22:03 - 2014-06-03 22:03 - 00000000 ____D () C:\windows\ERUNT
2014-06-03 21:13 - 2014-06-03 21:13 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-03 21:13 - 2014-06-03 21:13 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-03 21:13 - 2014-06-03 21:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-06-03 13:02 - 2014-06-03 17:37 - 00000000 ____D () C:\Users\John\Desktop\mbar
2014-06-03 11:37 - 2014-06-03 11:38 - 00000000 ____D () C:\Users\John\Desktop\Medical info
2014-06-02 22:18 - 2014-06-02 22:18 - 00000000 ____D () C:\Users\John\AppData\Local\com
2014-06-02 22:16 - 2014-06-02 22:42 - 00000000 ____D () C:\ProgramData\198768042fc4fc9c
2014-06-02 22:15 - 2014-06-02 22:42 - 00000000 ____D () C:\Users\John\AppData\Roaming\Activeris
2014-06-02 22:15 - 2014-06-02 22:15 - 00000000 ____D () C:\Users\John\AppData\Local\Torch
2014-06-02 22:15 - 2014-06-02 22:15 - 00000000 ____D () C:\Users\John\AppData\Local\Packages
2014-06-02 22:15 - 2014-06-02 22:15 - 00000000 ____D () C:\Users\John\AppData\Local\globalUpdate
2014-06-02 22:15 - 2014-06-02 22:15 - 00000000 ____D () C:\Users\John\AppData\Local\Comodo
2014-06-02 22:15 - 2014-06-02 22:15 - 00000000 ____D () C:\Users\John\AppData\Local\Chromatic Browser
2014-06-02 22:15 - 2014-06-02 22:15 - 00000000 ____D () C:\Users\Icedog\AppData\Local\Torch
2014-06-02 22:15 - 2014-06-02 22:15 - 00000000 ____D () C:\Users\Icedog\AppData\Local\Comodo
2014-06-02 22:15 - 2014-06-02 22:15 - 00000000 ____D () C:\Users\Icedog\AppData\Local\Chromatic Browser
2014-06-02 22:14 - 2014-06-02 22:15 - 00000000 ____D () C:\Users\Icedog\AppData\Local\Google
2014-06-02 22:14 - 2014-06-02 22:14 - 00000000 ____D () C:\Users\Guest
2014-06-02 22:13 - 2014-06-02 22:13 - 00000000 ____D () C:\Users\Administrator
2014-06-02 22:10 - 2014-06-02 22:10 - 00003110 _____ () C:\windows\System32\Tasks\{E644A14C-1812-4F03-88EF-5DE33B2BB97B}
2014-06-02 11:43 - 2014-06-02 11:43 - 00000000 ____D () C:\windows\SysWOW64\RTCOM
2014-06-02 11:43 - 2014-06-02 11:43 - 00000000 ____D () C:\windows\system32\SRSLabs
2014-06-02 11:43 - 2014-06-02 11:43 - 00000000 ____D () C:\Program Files\Realtek
2014-06-02 11:43 - 2014-06-02 11:43 - 00000000 _____ () C:\ProgramData\DP45977C.lfl
2014-06-02 11:41 - 1999-12-31 20:00 - 56270848 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoRes64.dat
2014-06-02 11:41 - 1999-12-31 20:00 - 07164176 _____ (Dolby Laboratories) C:\windows\system32\R4EEP64A.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 05804772 _____ () C:\windows\system32\Drivers\rtvienna.dat
2014-06-02 11:41 - 1999-12-31 20:00 - 03872984 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RTKVHD64.sys
2014-06-02 11:41 - 1999-12-31 20:00 - 02825432 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtPgEx64.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 02792152 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkAPO64.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 02101848 _____ (Waves Audio Ltd.) C:\windows\system32\WavesGUILib64.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 01958616 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTSnMg64.cpl
2014-06-02 11:41 - 1999-12-31 20:00 - 01286872 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTCOM64.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 01024216 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkApi64.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 00947760 _____ (Sony Corporation) C:\windows\system32\SFSS_APO.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 00946392 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoInstII64.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 00757301 _____ () C:\windows\system32\Drivers\RTAIODAT.DAT
2014-06-02 11:41 - 1999-12-31 20:00 - 00662784 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxVolumeSDAPO.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 00624344 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtDataProc64.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 00518896 _____ (SRS Labs, Inc.) C:\windows\system32\SRSTSX64.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 00434960 _____ (Dolby Laboratories) C:\windows\system32\R4EED64A.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 00375128 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEP64A.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 00331880 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtlCPAPI64.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RP3DHT64.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 00310104 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RP3DAA64.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 00221024 _____ (Synopsys, Inc.) C:\windows\system32\SFNHK64.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 00211184 _____ (SRS Labs, Inc.) C:\windows\system32\SRSTSH64.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 00204120 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEED64A.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 00198896 _____ (SRS Labs, Inc.) C:\windows\system32\SRSHP64.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 00155888 _____ (SRS Labs, Inc.) C:\windows\system32\SRSWOW64.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 00149608 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkCfg64.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 00141584 _____ (Dolby Laboratories) C:\windows\system32\R4EEL64A.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 00124176 _____ (Dolby Laboratories) C:\windows\system32\R4EEA64A.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 00101208 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEL64A.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 00081248 _____ (Synopsys, Inc.) C:\windows\system32\SFCOM64.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 00078688 _____ (Synopsys, Inc.) C:\windows\system32\SFAPO64.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 00078680 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEG64A.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 00075024 _____ (Dolby Laboratories) C:\windows\system32\R4EEG64A.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\windows\SysWOW64\SFCOM.dll
2014-06-02 11:41 - 1999-12-31 20:00 - 00014952 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkCoLDR64.dll
2014-06-02 11:40 - 1999-12-31 20:00 - 14737496 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioRealtek64.dll
2014-06-02 11:40 - 1999-12-31 20:00 - 02770976 _____ (Fortemedia Corporation) C:\windows\system32\FMAPO64.dll
2014-06-02 11:40 - 1999-12-31 20:00 - 02037336 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioEQ64.dll
2014-06-02 11:40 - 1999-12-31 20:00 - 01756264 _____ (DTS) C:\windows\system32\DTSS2SpeakerDLL64.dll
2014-06-02 11:40 - 1999-12-31 20:00 - 01033304 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPOShell64.dll
2014-06-02 11:40 - 1999-12-31 20:00 - 00712296 _____ (DTS) C:\windows\system32\DTSSymmetryDLL64.dll
2014-06-02 11:40 - 1999-12-31 20:00 - 00693352 _____ (DTS) C:\windows\system32\DTSVoiceClarityDLL64.dll
2014-06-02 11:40 - 1999-12-31 20:00 - 00663296 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPO30.dll
2014-06-02 11:40 - 1999-12-31 20:00 - 00603984 _____ (Knowles Acoustics ) C:\windows\system32\KAAPORT64.dll
2014-06-02 11:40 - 1999-12-31 20:00 - 00318808 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPO20.dll
2014-06-02 11:39 - 1999-12-31 20:00 - 06217904 _____ (Dolby Laboratories) C:\windows\system32\DDPP64A.dll
2014-06-02 11:39 - 1999-12-31 20:00 - 01938608 _____ (Dolby Laboratories) C:\windows\system32\DDPD64A.dll
2014-06-02 11:39 - 1999-12-31 20:00 - 01568360 _____ (DTS) C:\windows\system32\DTSS2HeadphoneDLL64.dll
2014-06-02 11:39 - 1999-12-31 20:00 - 01486952 _____ (DTS) C:\windows\system32\DTSBoostDLL64.dll
2014-06-02 11:39 - 1999-12-31 20:00 - 00728680 _____ (DTS) C:\windows\system32\DTSBassEnhancementDLL64.dll
2014-06-02 11:39 - 1999-12-31 20:00 - 00491112 _____ (DTS) C:\windows\system32\DTSNeoPCDLL64.dll
2014-06-02 11:39 - 1999-12-31 20:00 - 00432744 _____ (DTS) C:\windows\system32\DTSLimiterDLL64.dll
2014-06-02 11:39 - 1999-12-31 20:00 - 00428648 _____ (DTS) C:\windows\system32\DTSGainCompensatorDLL64.dll
2014-06-02 11:39 - 1999-12-31 20:00 - 00313520 _____ (Dolby Laboratories) C:\windows\system32\DDPO64A.dll
2014-06-02 11:39 - 1999-12-31 20:00 - 00260272 _____ (Dolby Laboratories) C:\windows\system32\DDPA64.dll
2014-06-02 11:39 - 1999-12-31 20:00 - 00242792 _____ (DTS) C:\windows\system32\DTSLFXAPO64.dll
2014-06-02 11:39 - 1999-12-31 20:00 - 00242792 _____ (DTS) C:\windows\system32\DTSGFXAPO64.dll
2014-06-02 11:39 - 1999-12-31 20:00 - 00241768 _____ (DTS) C:\windows\system32\DTSGFXAPONS64.dll
2014-06-02 11:39 - 1999-12-31 20:00 - 00209096 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAC64.dll
2014-06-02 11:39 - 1999-12-31 20:00 - 00113576 _____ (Real Sound Lab SIA) C:\windows\system32\CONEQMSAPOGUILibrary.dll
2014-06-02 11:39 - 1999-12-31 20:00 - 00108640 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAR64.dll
2014-06-02 10:58 - 2014-06-02 10:58 - 00000000 ____D () C:\ProgramData\ATI
2014-06-02 10:52 - 2014-06-02 10:52 - 00000000 ____D () C:\Users\John\AppData\Roaming\library_dir
2014-06-02 10:51 - 2014-06-02 10:51 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-06-02 10:50 - 2014-06-02 10:50 - 00061432 _____ () C:\windows\SysWOW64\CCCInstall_201406021050103591.log
2014-06-02 10:49 - 2014-06-02 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-06-02 10:47 - 2014-06-02 10:51 - 00000000 ____D () C:\ProgramData\AMD
2014-06-02 10:45 - 2014-06-02 10:45 - 00000000 ____D () C:\Users\John\Downloads\Slim driveres update
2014-06-02 10:33 - 2014-06-02 10:33 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-06-02 10:30 - 2014-06-02 10:48 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-06-02 01:02 - 2014-06-22 16:16 - 00000408 _____ () C:\windows\Tasks\SlimDrivers Startup.job
2014-06-02 01:02 - 2014-06-22 15:43 - 00002834 _____ () C:\windows\System32\Tasks\SlimDrivers Startup
2014-06-02 01:02 - 2014-06-02 01:02 - 00002467 _____ () C:\Users\Public\Desktop\SlimDrivers.lnk
2014-06-01 21:30 - 2014-06-04 21:00 - 00000000 ____D () C:\Users\John\Desktop\Repair
2014-06-01 21:21 - 2014-06-01 21:22 - 02001368 _____ (Driver Support) C:\Users\John\Downloads\DriverSupport.exe
2014-06-01 15:13 - 2014-06-01 15:13 - 00791552 _____ (AMD) C:\Users\John\Downloads\amddriverdownloader.exe
2014-06-01 14:26 - 2014-06-01 14:26 - 00003142 _____ () C:\windows\System32\Tasks\{FBE866B0-3BA9-4926-ABFC-7AB65076D59F}
2014-06-01 13:24 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-06-01 13:22 - 2014-06-01 13:26 - 00000000 ____D () C:\AdwCleaner
2014-05-31 15:26 - 2014-06-24 13:20 - 00000000 ____D () C:\FRST
2014-05-31 15:21 - 2014-05-31 15:21 - 00977392 _____ (SlimWare Utilities, Inc.) C:\Users\John\Downloads\SlimCleanerPlus-setup.exe
2014-05-27 21:18 - 2014-05-29 17:33 - 00000000 ____D () C:\Users\John\AppData\Roaming\vlc
2014-05-27 21:18 - 2014-05-27 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-05-27 19:02 - 2014-05-27 19:02 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk

==================== One Month Modified Files and Folders =======

2014-06-24 13:21 - 2014-06-24 13:20 - 00027514 _____ () C:\Users\John\Desktop\FRST.txt
2014-06-24 13:21 - 2014-06-11 15:55 - 00000000 ____D () C:\Users\John\Desktop\repair 3
2014-06-24 13:20 - 2014-05-31 15:26 - 00000000 ____D () C:\FRST
2014-06-24 13:20 - 2013-11-21 11:32 - 00000000 ____D () C:\Users\John\Desktop\ATF Cleaner
2014-06-24 13:13 - 2014-06-24 13:13 - 02082816 _____ (Farbar) C:\Users\John\Desktop\FRST64.exe
2014-06-24 13:09 - 2014-06-14 21:54 - 01861763 _____ () C:\windows\WindowsUpdate.log
2014-06-24 12:59 - 2012-05-11 23:30 - 00000000 ____D () C:\Users\John\AppData\Local\CrashDumps
2014-06-24 12:44 - 2013-01-18 20:05 - 00000904 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-839072158-3120938179-813264055-1000UA.job
2014-06-24 12:42 - 2013-02-16 17:11 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-06-24 12:42 - 2012-07-14 18:45 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-24 12:19 - 2014-06-24 12:19 - 19168944 _____ (Adobe Systems Incorporated) C:\Users\John\Downloads\install_flash_player.exe
2014-06-24 11:53 - 2014-06-24 11:53 - 00323720 _____ (AnyAppSnow) C:\Users\John\Downloads\Download.exe
2014-06-24 11:44 - 2013-01-18 20:05 - 00000852 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-839072158-3120938179-813264055-1000Core.job
2014-06-24 11:27 - 2009-07-14 01:13 - 00786662 _____ () C:\windows\system32\PerfStringBackup.INI
2014-06-24 11:26 - 2014-06-23 13:26 - 00000000 ____D () C:\ProgramData\MCShield
2014-06-23 21:42 - 2012-07-14 18:45 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-23 16:44 - 2012-05-08 22:27 - 00000000 ____D () C:\Users\John\AppData\Roaming\Skype
2014-06-23 14:39 - 2014-06-23 14:39 - 00007550 _____ () C:\Users\John\Desktop\The Florida Keys.csv
2014-06-23 14:34 - 2014-06-23 14:34 - 00006362 _____ () C:\Users\John\Desktop\Tampa_Bay_Attractions.csv
2014-06-23 14:32 - 2014-06-23 14:32 - 00241354 _____ () C:\Users\John\Downloads\Pets_Welcome_SE_revF.csv
2014-06-23 14:31 - 2014-06-23 14:31 - 00049441 _____ () C:\Users\John\Downloads\Drive-In Theaters.csv
2014-06-23 14:30 - 2014-06-23 14:30 - 00000893 _____ () C:\Users\John\Downloads\Canadian GPS Stores.csv
2014-06-23 14:29 - 2014-06-23 14:29 - 00037071 _____ () C:\Users\John\Desktop\AutoRepair.csv
2014-06-23 14:29 - 2014-06-23 14:29 - 00001422 _____ () C:\Users\John\Desktop\Auto Repair.BMP
2014-06-23 14:28 - 2014-06-23 14:28 - 00003384 _____ () C:\Users\John\Desktop\applebees_tourguide.bmp
2014-06-23 14:26 - 2014-06-23 14:26 - 00198063 _____ () C:\Users\John\Desktop\Applebees-USA.csv
2014-06-23 13:27 - 2014-06-23 13:27 - 00001036 _____ () C:\Users\Public\Desktop\MCShield Real-Time Monitor.lnk
2014-06-23 13:26 - 2014-06-23 13:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2014-06-23 13:26 - 2014-06-23 13:26 - 00000000 ____D () C:\Program Files (x86)\MCShield
2014-06-23 13:09 - 2014-01-14 01:05 - 00003918 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{9D2D67AE-66EE-4CC1-9B13-35A7105D1F65}
2014-06-22 21:53 - 2013-10-27 01:04 - 00001015 _____ () C:\Users\John\Desktop\Portugal new poi gathering.txt
2014-06-22 16:25 - 2009-07-14 00:45 - 00021536 _____ () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-22 16:25 - 2009-07-14 00:45 - 00021536 _____ () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-22 16:21 - 2014-06-22 16:21 - 00000000 ___RD () C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-06-22 16:19 - 2014-06-17 21:52 - 00008192 _____ () C:\windows\SysWOW64\WDPABKP.dat
2014-06-22 16:18 - 2014-05-14 10:32 - 00000330 _____ () C:\windows\Tasks\GlaryInitialize 5.job
2014-06-22 16:18 - 2014-05-14 10:31 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-06-22 16:18 - 2009-07-14 00:45 - 03030120 _____ () C:\windows\system32\FNTCACHE.DAT
2014-06-22 16:16 - 2014-06-02 01:02 - 00000408 _____ () C:\windows\Tasks\SlimDrivers Startup.job
2014-06-22 16:16 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-22 15:43 - 2014-06-02 01:02 - 00002834 _____ () C:\windows\System32\Tasks\SlimDrivers Startup
2014-06-22 15:28 - 2014-06-22 15:28 - 00347816 _____ (Microsoft Corporation) C:\Users\John\Downloads\MicrosoftFixit.Skype.RNP.9326895834221759.4.1.Run.exe
2014-06-22 15:09 - 2014-06-10 16:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-22 14:38 - 2014-06-22 14:13 - 00000000 ____D () C:\Users\John\Downloads\USB cleaner
2014-06-22 13:41 - 2014-06-22 13:40 - 00000000 ____D () C:\Users\John\AppData\Roaming\ZoomBrowser EX
2014-06-22 13:40 - 2012-05-12 01:15 - 00000000 ____D () C:\ProgramData\ZoomBrowser
2014-06-21 12:50 - 2014-04-01 12:46 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-20 22:29 - 2014-06-20 22:29 - 00000000 ____D () C:\Users\John\AppData\Local\AMD
2014-06-19 23:12 - 2014-06-19 23:11 - 16867056 _____ (Innovative Solutions ) C:\Users\John\Downloads\Advanced_Uninstaller11_40_CNet.exe
2014-06-19 23:10 - 2014-06-19 23:10 - 00929416 _____ (CNET Download.com) C:\Users\John\Downloads\cbsidlm-cbsi188-Advanced_Uninstaller_Pro-ORG-10069986.exe
2014-06-19 22:23 - 2014-06-19 22:23 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-19 21:37 - 2012-07-14 18:45 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-19 21:37 - 2012-07-14 18:45 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-18 23:18 - 2014-06-10 00:04 - 00164800 _____ () C:\Users\John\Desktop\Redlight-Cameras.csv
2014-06-18 22:20 - 2014-06-18 22:20 - 06010880 _____ () C:\Program Files (x86)\GUTA1E4.tmp
2014-06-18 22:20 - 2014-06-18 22:20 - 00000000 ____D () C:\Program Files (x86)\GUMA1E3.tmp
2014-06-18 17:00 - 2014-06-04 10:34 - 00001040 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-06-18 17:00 - 2014-05-16 17:04 - 00002968 _____ () C:\windows\System32\Tasks\GU5SkipUAC
2014-06-18 17:00 - 2014-05-16 17:04 - 00002622 _____ () C:\windows\System32\Tasks\GlaryInitialize 5
2014-06-18 17:00 - 2014-05-16 17:04 - 00001052 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-06-18 16:59 - 2014-06-18 16:59 - 13744328 _____ () C:\Users\John\Downloads\Glary_Utilities_v5.2.0.5.exe
2014-06-18 16:55 - 2014-06-06 10:47 - 00000388 _____ () C:\BackupLoader.ini
2014-06-18 11:39 - 2013-01-18 20:05 - 00003872 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-839072158-3120938179-813264055-1000UA
2014-06-18 11:39 - 2013-01-18 20:05 - 00003476 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-839072158-3120938179-813264055-1000Core
2014-06-17 23:45 -

Link to comment
Share on other sites

Hi Juliet

 

I realized to late these scans sometimes don't fit here. Now is the case of Addition.

I did check if the scan was there when I pasted on the window, but what happens is when you press post does not show after it is posted.

I think is about the space allocated for each post.

 

I will put here.

 

Addition:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-06-2014
Ran by John at 2014-06-24 13:23:45
Running from C:\Users\John\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
„Windows Live Essentials“ (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 16.4.3522.0110 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 16.4.3522.0110 - „Microsoft Corporation“) Hidden
Absolute Uninstaller 2.9.0.722 (HKLM-x32\...\Absolute Uninstaller_is1) (Version: - Glarysoft.com)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\{1F5E5F2E-5E61-431D-B796-58CCC6B68E28}) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\{0099B484-C24C-4D5F-8167-B0F6DF196E72}) (Version: 12.0.3.133 - Adobe Systems, Inc)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 2.5.793.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In (Version: 2.02.0000 - AMD) Hidden
AMD Steady Video Plug-In (Version: 2.07.0000 - AMD) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.120 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.4.0.15 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.3.0.15 - Canon Inc.)
Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version: 7.3.0.4 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.7 (HKLM-x32\...\DPP) (Version: 3.7.1.1 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.7.1.0 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.3.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.6.0.0 - Canon Inc.)
Canon Utilities WFT-E1/E2/E3/E4/E5 Utility (HKLM-x32\...\WFTK) (Version: 3.4.0.2 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.4.1.11 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.2.2.11 - Canon Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CSVed 2.2.2a (HKLM-x32\...\CSVed_is1) (Version: 2.2.2a - Sam Francke)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink Media Suite 11 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 11.0 - CyberLink Corp.)
CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)
CyberLink Media+ Player10 (x32 Version: 10.0.1110.00 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 5.0.1130a - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3802 - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink PowerDirector (x32 Version: 8.0.3306 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.6607 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.1.6607 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Easy File Share (HKLM-x32\...\{12F81925-F3C1-40DB-91F7-777817974319}) (Version: 1.3.1 - Samsung Electronics CO., LTD.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Easy Settings (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.1 - Samsung Electronics CO., LTD.)
Easy Support Center (HKLM\...\{0738F5F1-8E70-49A6-8692-F5722E1E5A4D}) (Version: 1.2.32 - Samsung Electronics CO., LTD.)
Elevated Installer (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ETDWare PS/2-X64 10.0.7.3_WHQL (HKLM\...\Elantech) (Version: 10.0.7.3 - ELAN Microelectronic Corp.)
Fotoattēlu galerija (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotogaléria (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Foto-galerija (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.0.429 - Foxit Corporation)
Galeria de Fotografias (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galerie foto (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galerija fotografija (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Garmin BaseCamp (HKLM-x32\...\{EBAC8FD4-28EC-46F7-BF9E-89D6E6673001}) (Version: 4.2.5 - Garmin Ltd or its subsidiaries)
Garmin City Navigator North America NT 2014.40 Update (HKLM-x32\...\{82B42DF2-2ECF-4C4B-B939-A275664028E2}) (Version: 17.40.0.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM-x32\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{237D687E-9E50-4A30-B810-262764CC491B}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{55ae01f2-f0a8-4342-a9cc-a0327cdaa811}) (Version: 3.2.7.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin MapSource (HKLM-x32\...\{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}) (Version: 6.16.3 - Garmin Ltd or its subsidiaries)
Garmin POI Loader (HKLM-x32\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries)
Garmin Training Center (HKLM-x32\...\{7D542452-84EB-47C0-97BA-735C523AB555}) (Version: 3.6.5 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Glary Utilities 5.2 (HKLM-x32\...\Glary Utilities 5) (Version: 5.2.0.5 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{43AC7CBC-1D6A-3B5B-81B1-A0C166FE48F4}) (Version: 4.8.2.15856 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
K-Lite Codec Pack 10.4.4 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.4.4 - )
Launch Manager (HKLM-x32\...\LManager) (Version: 2.0.01 - Gateway)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MCShield ::Anti-Malware Tool:: (HKLM-x32\...\MCShield) (Version: 3.0.5.28 - MyCity)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0401-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0402-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0404-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0406-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0408-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-040B-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-040C-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-040D-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-040E-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0410-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0412-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0413-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0414-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0415-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0416-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0418-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0419-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-041A-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-041B-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-041D-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-041E-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-041F-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0424-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0426-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0427-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0804-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0816-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-081A-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0C0A-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4029.0217 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MPC-HC 1.7.4 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.4 - MPC-HC Team)
MPC-HC 1.7.5 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.5 - MPC-HC Team)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
OLYMPUS Digital Camera Updater (HKLM-x32\...\{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}) (Version: 1.0.3 - OLYMPUS IMAGING CORP.)
OLYMPUS Viewer 2 (HKLM-x32\...\{AEE39224-92BE-4389-9493-E57FF73BB96A}) (Version: 1.3.1 - OLYMPUS IMAGING CORP.)
Pdf995 (HKLM-x32\...\Pdf995) (Version: - )
Photo Common (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raccolta foto (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.54.309.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.)
S Agent (Version: 1.1.45 - Samsung Electronics CO., LTD.) Hidden
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.6.0.2 - Samsung Electronics CO., LTD.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.6.0 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.1400.0 - SAMSUNG Electronics Co., Ltd.)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung)
SW Update (HKLM-x32\...\{DA06101F-FD76-4BF0-88BD-B26A197005E3}) (Version: 2.1.21 - Samsung Electronics CO., LTD.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TurboTax 2013 (HKLM-x32\...\{1E0FF98D-4AE4-46CC-B624-E771ABD5EA11}) (Version: 1.00.0000 - Intuit Canada)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.7.5 - Tweaking.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.3 - )
Valokuvavalikoima (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Veetle TV (HKLM-x32\...\Veetle TV) (Version: 0.9.19 - Veetle, Inc)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{7431ED5D-9247-4F17-91C9-702D9B36FAC4}) (Version: 1.0.7.3 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{324C58C7-A292-4523-A943-91DE1EB6A1FE}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{90C3D9C7-2F83-4399-8E28-A00228CFFDF8}) (Version: 1.0.7.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{F6ABA2F3-9759-48CD-B25B-A07A811E92E4}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{72fda14f-5a07-49d5-b7f7-202377e9b522}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3522.0110 - společnost Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3522.0110 - společnost Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3522.0110 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Pošta (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live 메일 (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live 필수 패키지 (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Liven peruspaketti (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPatrol (HKLM\...\{84481A87-2316-4923-8FAB-3BA8CA29323D}) (Version: 31.0.2014.0 - BillP Studios)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Συλλογή φωτογραφιών (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 16.4.3522.0110 - Корпорация Майкрософт) Hidden
Фотоальбом (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Фотогалерия (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
גלריית התמונות (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
معرض الصور (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
사진 갤러리 (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden

==================== Restore Points =========================

18-06-2014 01:00:26 Tweaking.com - Windows Repair
18-06-2014 01:53:43 Tweaking.com - Windows Repair
19-06-2014 17:51:04 Windows Update
19-06-2014 18:21:32 Windows Modules Installer
19-06-2014 18:22:44 Windows Modules Installer
19-06-2014 18:23:26 Windows Modules Installer
20-06-2014 03:00:12 Windows Update
22-06-2014 19:44:28 SlimDrivers Installing Drivers
22-06-2014 20:00:31 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
23-06-2014 17:26:55 Windows Update

==================== Hosts content: ==========================

2009-07-13 22:34 - 2014-06-17 23:05 - 00000855 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {072F3E3A-CE36-432B-8E2D-0F53FC39B471} - System32\Tasks\EasySupportCenter => C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe [2013-01-22] (Samsung Electronics CO., LTD.)
Task: {094D334B-D96E-4E5A-9953-89B3AB6E6634} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {0F6B0F45-02B9-4369-9E42-02C02930EBAB} - System32\Tasks\{2DDD8DB6-B5EB-47E9-AB08-C638D4506E7F} => F:\SecureII\Windows\SecureII.exe
Task: {0FEF4D83-316C-410A-8A7E-15DB6E5D416B} - System32\Tasks\{293E998D-374A-4BA9-AADC-A955229EA3F8} => F:\SecureII\Windows\SecureII.exe
Task: {164C30F7-1F8C-4E15-8960-648DF5F1BD8C} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2012-10-30] (SEC)
Task: {1BEE5D7E-F95A-484F-8207-9A489D488BC3} - System32\Tasks\{96692BE2-8D16-4AED-A88E-6EE2F657C3A6} => F:\SecureII\Windows\SecureII.exe
Task: {26AA7CA9-442B-4A72-9973-495E92EBFACC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-839072158-3120938179-813264055-1000Core => C:\Users\John\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-20] (Google Inc.)
Task: {368B7095-9EB1-4BA7-A095-76A90AA12EE9} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-839072158-3120938179-813264055-1000 => C:\Users\John\RealDownloader\recordingmanager.exe
Task: {371C1C2A-5D39-4475-A532-8FCF1F846731} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe
Task: {3C83CEDC-D405-4278-A8FF-628DF8D0265F} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2013-06-07] (CyberLink)
Task: {3E718F0E-EA6F-49F7-89D3-878203EF8CFD} - System32\Tasks\{87F0F20D-8C34-4943-8757-454B635706FF} => Firefox.exe
Task: {4ED05F26-DB2C-49C1-B437-0B339F3135A7} - System32\Tasks\{B4601D62-355A-450F-9F82-B10CF9BB4C31} => F:\SecureII\Windows\SecureII.exe
Task: {4F1A88ED-6707-4370-8530-BC304C2DE026} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2014-06-16] (Glarysoft Ltd)
Task: {525588FD-A11D-4154-88D6-76CC98A61783} - System32\Tasks\{387AED43-AA15-4055-80B9-3FC4893B7471} => C:\Users\John\Desktop\SecureII.exe
Task: {52DE81CB-E9B6-4834-A0E7-3ABCCB8CDF64} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [2012-05-30] (Samsung Electronics Co., Ltd.)
Task: {53B1284B-EE69-48A6-9108-27BB9A53B493} - System32\Tasks\{B12D4C09-1673-48CB-B165-AAC9B1246710} => F:\SecureII\Windows\SecureII.exe
Task: {5A009AE0-A9B8-4E67-BF46-A2F05B8EE484} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {678CDEB7-B14B-46B6-A2FF-D30A932C17A1} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe [2012-04-03] (Samsung Electronics)
Task: {724ED6F0-687C-4300-B778-EA9C280C0062} - System32\Tasks\{A5ACE93C-3DB9-4B2E-80A5-1EF7B1A24A30} => Firefox.exe http://ui.skype.com/ui/0/6.1.0.129.272/en/abandoninstall?source=lightinstaller&page=tsMain
Task: {7736A7FE-C03E-4BE0-A544-A87BB50427EF} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe [2011-09-28] (Samsung Electronics)
Task: {7A300E36-4BE6-4219-8FF3-AFB1BDC038DD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-839072158-3120938179-813264055-1000UA => C:\Users\John\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-20] (Google Inc.)
Task: {885D56FD-ABB7-40D6-A4EE-DBB47B67838B} - System32\Tasks\{2DA6309B-DA3D-4B67-92CC-9136D5C5CFCB} => F:\SecureII\Windows\SecureII.exe
Task: {89541022-2EA2-430E-BB61-8E9119013713} - System32\Tasks\{FBE866B0-3BA9-4926-ABFC-7AB65076D59F} => Firefox.exe http://ui.skype.com/ui/0/6.16.0.105/en/abandoninstall?source=lightinstaller&page=tsInstall
Task: {92A57884-BCB8-4E50-A2B9-F6021AAFDB42} - System32\Tasks\{8180B7DB-67A9-4492-A80C-7B1CAA6FF1F9} => Firefox.exe
Task: {9817F1B5-09F9-4581-8DB8-242F36E1A6BC} - System32\Tasks\{A585B692-133A-4A27-82D0-7D2284063CDB} => C:\Users\John\Desktop\SecureII.exe
Task: {A17FA2A5-6BE0-49BF-A690-4C4E55467614} - System32\Tasks\{8CB26D52-3176-4CD3-A161-83615ED1683B} => C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
Task: {ABDAA038-B3B0-402A-985F-437403D9164B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {B97AC3BB-6DDD-4698-B41A-89FDD23698C0} - System32\Tasks\{15E4DBDF-C69C-42F7-A924-DC91AF9DD1FD} => F:\SecureII\Windows\SecureII.exe
Task: {BCDD8F36-1441-4F04-8AC2-4B2F2DDDB6A1} - System32\Tasks\{203CA771-98EC-4C28-8D74-8E3F5DE45900} => F:\SecureII\Windows\SecureII.exe
Task: {C1D65423-A8FB-4344-B7E3-CBF4A05D3194} - System32\Tasks\{76FAF8C7-0D04-4E4C-BBF4-B935E924D60A} => F:\SecureII\SecureII\Windows\SecureII.exe
Task: {C6084E60-403C-4E69-B3BF-513DCA0F0FC1} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [2011-11-18] (SAMSUNG Electronics co., LTD.)
Task: {C7171C48-1611-4CF6-9C53-8A5456F1507F} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-10-16] (Samsung Electronics CO., LTD.)
Task: {C904099A-64F2-4DE7-954E-EDFE9EC71622} - System32\Tasks\{9DCBB893-A87F-4C04-A899-5677109E044B} => Firefox.exe
Task: {C9890195-1CEE-42B1-B93C-B65DB1EFB37B} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [2012-03-27] (Samsung Electronics Co., Ltd.)
Task: {CF41AFC2-5E6F-4C49-98B8-011A28C915FA} - System32\Tasks\{103F8BB8-773A-4528-8AD9-EA196D1C61F1} => C:\Users\John\Desktop\Windows\SecureII.exe [2007-01-05] (Lexar Media, Inc.)
Task: {D0B318BF-45C3-47E6-B584-0CCF9A5C2B4C} - System32\Tasks\{CB12BCD4-7B5E-44DB-9C71-48FFF5D76CAC} => F:\SecureII\Windows\SecureII.exe
Task: {D90676F2-8DF4-488B-A49F-19AD0D8E97A5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-28] (Google Inc.)
Task: {D9E2E61D-ADB6-4694-AB32-96C59F84E1C9} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [2012-04-25] (Samsung Electronics Co., Ltd.)
Task: {DDD792AC-BF4C-4251-A295-AFBD0B8D500F} - System32\Tasks\{5870D18C-A202-4577-9352-FDA847C2976B} => F:\SecureII\Windows\SecureII.exe
Task: {E1296FF3-F348-49F0-B393-CE6C23494587} - System32\Tasks\{CD2E07DE-FA12-4BF2-B375-79B0046D61A1} => C:\Users\John\Desktop\SecureII\SecureII.exe
Task: {E1B64A06-1495-453D-926A-C34AA0C50EB0} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2013-09-24] (SlimWare Utilities, Inc.)
Task: {E36F65B1-807F-4EF2-8EC0-A219D5B2F7F8} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-06-09] ()
Task: {E6AC6579-4614-4AB0-AC85-94DDFCCC02F3} - System32\Tasks\{17B0ADEC-7339-475E-B1A4-0E95202F4489} => F:\SecureII\Windows\SecureII.exe
Task: {E6E3095F-8370-462F-BEB8-0DE42907D972} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-11] (Adobe Systems Incorporated)
Task: {E925A52E-303D-43F5-BB40-654ADA115BF9} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-06-16] (Glarysoft Ltd)
Task: {EA93FBD8-6CA2-4416-BA1E-505361BAF94C} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe [2012-05-02] (Samsung Electronics Co., Ltd.)
Task: {EC5B8945-9AFC-4C79-BDAC-EA64D507EC41} - System32\Tasks\{4E8D3AAA-A130-45D6-909A-2F573231E9E3} => F:\SecureII\Windows\SecureII.exe
Task: {F4026B40-E238-49AA-AD27-E5D110891C15} - System32\Tasks\{0846B95F-7412-4F47-ABEB-38DA3184288E} => C:\Users\John\Desktop\SecureII\SecureII.exe
Task: {F7A86771-2A48-435A-8A17-F6A32E5C4679} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-28] (Google Inc.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-839072158-3120938179-813264055-1000Core.job => C:\Users\John\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-839072158-3120938179-813264055-1000UA.job => C:\Users\John\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe

==================== Loaded Modules (whitelisted) =============

2012-05-06 16:51 - 2012-04-26 15:51 - 00040448 _____ () C:\windows\System32\pdf995mon64.dll
2014-04-17 22:29 - 2014-04-17 22:29 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-04-17 22:29 - 2014-04-17 22:29 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2011-12-21 23:19 - 2009-12-01 03:21 - 00244904 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2012-07-10 00:39 - 2012-02-13 15:02 - 00031624 _____ () C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
2011-01-27 15:28 - 2011-01-27 15:28 - 00706048 _____ () C:\windows\system32\SnMinDrv.dll
2014-04-17 22:29 - 2014-04-17 22:29 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BingDesktop => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\John\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: SkyDrive => "C:\Users\John\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
MSCONFIG\startupreg: WD Quick View => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/24/2014 01:00:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: PSIA.exe, version: 3.0.0.9016, time stamp: 0x52a1d50f
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x000332b0
Faulting process id: 0x170
Faulting application start time: 0xPSIA.exe0
Faulting application path: PSIA.exe1
Faulting module path: PSIA.exe2
Report Id: PSIA.exe3

Error: (06/24/2014 00:58:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 30.0.0.5269, time stamp: 0x53914233
Faulting module name: mozalloc.dll, version: 30.0.0.5269, time stamp: 0x53911393
Exception code: 0x80000003
Fault offset: 0x0000141b
Faulting process id: 0x15c8
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (06/24/2014 11:26:38 AM) (Source: MsiInstaller) (EventID: 11714) (User: John-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.

Error: (06/23/2014 11:44:32 PM) (Source: MsiInstaller) (EventID: 11714) (User: John-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.

Error: (06/23/2014 06:44:37 PM) (Source: MsiInstaller) (EventID: 11714) (User: John-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.

Error: (06/23/2014 06:30:11 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/23/2014 01:10:42 PM) (Source: MsiInstaller) (EventID: 11714) (User: John-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.

Error: (06/22/2014 09:45:06 PM) (Source: MsiInstaller) (EventID: 11714) (User: John-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.

Error: (06/22/2014 04:44:39 PM) (Source: MsiInstaller) (EventID: 11714) (User: John-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.

Error: (06/22/2014 04:18:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/24/2014 01:18:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (06/24/2014 01:16:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).

Error: (06/22/2014 04:18:04 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
70844403
xbrmb

Error: (06/22/2014 04:17:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Secure II Driver service failed to start due to the following error:
%%1275

Error: (06/22/2014 04:17:41 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\windows\SysWow64\Drivers\LxrSII1d.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (06/22/2014 04:17:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Garmin Core Update Service service failed to start due to the following error:
%%1053

Error: (06/22/2014 04:17:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Garmin Core Update Service service to connect.

Error: (06/20/2014 10:23:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1070

Error: (06/20/2014 10:23:42 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%834

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%838

Error: (06/20/2014 10:23:39 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Function Discovery Provider Host service hung on starting.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-06-24 11:34:49.114
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-06-24 11:34:48.880
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-06-24 11:27:58.081
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-06-24 11:27:57.847
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-06-24 11:27:55.206
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-06-24 11:27:54.988
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-06-24 11:27:16.218
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-06-24 11:27:15.999
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-06-24 11:27:13.333
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-06-24 11:27:13.115
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 34%
Total physical RAM: 5611.8 MB
Available physical RAM: 3654.2 MB
Total Pagefile: 11221.78 MB
Available Pagefile: 9227.04 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231 GB) (Free:73.23 GB) NTFS
Drive d: () (Fixed) (Total:345.47 GB) (Free:268.54 GB) NTFS
Drive f: (SCAN TO 2GB) (Removable) (Total:1.86 GB) (Free:1.71 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596 GB) (Disk ID: 674EF893)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=345 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=20 GB) - (Type=27)

========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

Link to comment
Share on other sites

I am so sorry for your wife. I have heard kidney stones are unbearable. I hope she recovers soon.

 

 

I see you have Comodo. In the past have you experienced problems with firewall rules in blocking files or web sites?

Just as an experiment, disable the firewall and see if those issues are still present. Then re-enable of course.

 

 

2 files I would like to have scanned, I cannot find any information on them.

 

 

 

Please go to one of the below sites to scan the following files:

Virus Total (Recommended)

jotti.org

VirScan

click on Browse, and upload the following files for analysis one at a time please:

c:\system32\drivers\77897873.sys

 

next this one

 

C:\System32\drivers\bger.sys

 

Then click Submit. Allow the file to be scanned, and then please copy and paste the results link (for Virus Total) here for me to see.

If it says already scanned -- click "reanalyze now"

Please post the results in your next reply.

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~`

 

Open notepad. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy.

Paste this into the open notepad. save it to the Desktop as fixlist.txt

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

It needs to be saved Next to the "Farbar Recovery Scan Tool" (FRST) program (If asked to overwrite existing one please allow)

 

start

SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {c1d89ae7-449d-4929-b24b-fded04adbe06}

SearchScopes: HKLM-x32 - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = http://isearch.glarysoft.com/?q={searchTerms}&src=iesearch

SearchScopes: HKCU - Backup.Old.DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

2014-06-19 23:10 - 2014-06-19 23:10 - 00929416 _____ (CNET Download.com) C:\Users\John\Downloads\cbsidlm-cbsi188-Advanced_Uninstaller_Pro-ORG-10069986.exe

end

Run FRST/FRST64 and press the Fix button just once and wait.

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

~~~~~~~~~~~~~~~~~~

 

NEXT***

Please run a Threat Scan with MBAM. If you're unable to run or complete the scan as shown below please see the following: MBAM Clean Removal Process 2x

When reinstalling the program please try the latest version.

 

Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link

Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.

Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.

Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.

Link to comment
Share on other sites

Hi Juliet

 

Thank you for you kind wards. Kidney stones are painful.

 

I did open Virus Total to scan the files you mention. First I went and follow the link. I did look for c:\system32\drivers. I did not see that. What I found was this

C:\ windows\system32\drivers. I looked for / 77897873.sys, and bger.sys and did not see these files.

 

This is the Fixlog:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-06-2014
Ran by John at 2014-06-24 22:24:47 Run:6
Running from C:\Users\John\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Quote

start
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {c1d89ae7-449d-4929-b24b-fded04adbe06}
SearchScopes: HKLM-x32 - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = http://isearch.glary...s}&src=iesearch
SearchScopes: HKCU - Backup.Old.DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
2014-06-19 23:10 - 2014-06-19 23:10 - 00929416 _____ (CNET Download.com) C:\Users\John\Downloads\cbsidlm-cbsi188-Advanced_Uninstaller_Pro-ORG-10069986.exe
end
*****************

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\Backup.Old.DefaultScope => value deleted successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{c1d89ae7-449d-4929-b24b-fded04adbe06}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{c1d89ae7-449d-4929-b24b-fded04adbe06}'=> Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\Backup.Old.DefaultScope => value deleted successfully.
C:\Users\John\Downloads\cbsidlm-cbsi188-Advanced_Uninstaller_Pro-ORG-10069986.exe => Moved successfully.

==== End of Fixlog ====

 

 

 

mbam log:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 24/06/2014
Scan Time: 11:05:10 PM
Logfile: mbam log.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.06.25.01
Rootkit Database: v2014.06.23.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Enabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: John

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 388474
Time Elapsed: 31 min, 50 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Link to comment
Share on other sites

I researched back over your logs and they are also located here. Let's see if we can please try once more.

 

c:\windows\SYSNATIVE\drivers\77897873.sys

c:\windows\SYSNATIVE\drivers\bger.sys

Edited by Juliet
Link to comment
Share on other sites

With help from a friend, let's try a couple of things.

 

Open notepad. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy.

Paste this into the open notepad. save it to the Desktop as fixlist.txt

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

It needs to be saved Next to the "Farbar Recovery Scan Tool" (FRST) program (If asked to overwrite existing one please allow)

 

start

S0 70844403; system32\drivers\77897873.sys [X]

S0 xbrmb; System32\drivers\bger.sys [X]

end

Run FRST/FRST64 and press the Fix button just once and wait.

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

 

~~~~~~~~~~~~~~~~

 

resetting IE back to default settings

 

How to reset Internet Explorer settings

http://support.microsoft.com/kb/923737

 

*****

Uninstalling an extension in chrome:

Click the Chrome menu on the browser toolbar.

Click Tools.

Select Extensions.

Please review the extensions listed here, if you see one you know you did not place there your self, let's remove it.

 

*****

How to remove extensions in Firefox

https://support.mozilla.org/en-US/kb/disable-or-remove-add-ons#w_how-to-remove-extensions-and-themes

 

At the top of the Firefox window, click on the 3 straight lines, click on the puzzle piece also Add-ons, and then click Add-ons. The Add-ons Manager tab will open.

Review items listed here, if you see one you don't want or you didn't install please remove/delete.

In the Add-ons Manager tab, select the Extensions or Appearance panel.

Select the add-on you wish to remove.

Click the Remove button.

Click Restart now if it pops up. Your tabs will be saved and restored after the restart.

 

 

 

******

 

Please download the ESET services repair tool, extract the file to your desktop.

  •  

     

  • Double-click ServicesRepair.exe,

     

     

  • If security notifications appear, click Continue or Run and then click Yes when asked if you want to proceed.
  • Once the tool has finished, you will be prompted to restart your computer. Click Yes to restart.

     

     

  • a log will be saved in the CCSupport folder the tool created on your desktop, please post the content in your next reply

     

     

*****
Link to comment
Share on other sites

Hi Juliet

 

I am sorry for taking this long. As you know I had to assist my wife, She had to be in the hospital a bit longer because the stone was logged in a bad position. The urethra was swollen and had to be put a tube to help the process from the kidney to the bladder.

Thank you.

 

I will do the reset o IE.

Chromo I don`t have many adons.

Firefox some of the adons are disable.

 

 

I did the scan Fixlog and here it is:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-06-2014 02
Ran by John at 2014-06-30 11:33:48 Run:8
Running from C:\Users\John\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Quote

start
S0 70844403; system32\drivers\77897873.sys [X]
S0 xbrmb; System32\drivers\bger.sys [X]
end
*****************

70844403 => Service not found.
xbrmb => Service not found.

==== End of Fixlog ====

 

Here is the SvcRepair:

 

Log Opened: 2014-06-30 @ 11:35:40
11:35:40 - -----------------
11:35:40 - | Begin Logging |
11:35:40 - -----------------
11:35:40 - Fix started on a WIN_7 X64 computer
11:35:40 - Prep in progress. Please Wait.
11:35:47 - Prep complete
11:35:47 - Repairing Services Now. Please wait...
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BFE.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\SubLayer>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Provider>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BITS.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Performance>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\iphlpsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo\{FA88062C-9A61-4C1E-AC45-7143F8F01AAD}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap\{8AD2FB26-F91E-44F1-9B24-3C0AE56C9CE0}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\IPHTTPS>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Interfaces>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\config>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\MpsSvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSOut>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSIn>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\DHCP>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\SharedAccess.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch2>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\WinDefend.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo\0>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wscsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wuauserv.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv>

SetACL finished successfully.
11:35:52 - Services Repair Complete.
11:35:58 - Reboot Initiated

Link to comment
Share on other sites

Hi Juliet

 

My wife is recovering well thanks.

 

I find it better. I had dificulty with my facebook and now is better. I also had problems with my e-mail. It was dificult to delete took longer and when I did press block and stopped. Now I am writing and the cursor is invissible. I have a problem with firefox and chromo.

 

Firefox I did reset and each time I want to open on of the bookmarks it is does not let me. I go through the process and when I put the curser on it, I can see the link but if I double click nothing happen. Many times if I open a new window sometimes I do the same and opens the bookmark. Other times desapear and I have to open a new window and click opens ok.

 

 

Chromo is almost like this. I click on the saves bookmark and the drpo window stays behind what is on that site. I have to reset chromo to see if it is fixed.

 

I went to windows fix and try chromo but nothing happens.

Link to comment
Share on other sites

HI Juliet

 

I can say despite all this, I can say this is working better than it has for sometime. I will be testing and I will tell you in the next couple days. I appreciate your insite and willing to help to solve my problems.

Link to comment
Share on other sites

Hi Juliet,

 

I have to thank you for the help and your willing to see it come to a end with a good outcome.

 

I can tell you that after the last scans of ServicesRepair must have than a good job.Now I can go to my e-mail and scroll, block e-mails and write and the cursor does not lag.

 

Firefox was reset and the only thing is that when I want to open a bookmark I have to wait for the link to show and wait a bit and right click to work.

 

Chromo is good.

 

IE I don`t use to go on the internet.

 

I have to ask you,

 

You told me to download some programs and some of em are to be used to scan the system, but only to be used when you can help.

Others can be used to clean temporary files.

Can you tell me what are the ones to keep by myself, and those I should no use?

 

These are some of the programs I have here:

 

tweaking.com_windows_repair,

RogueKillerX64, FRST64,

SecurityCheck,

eset_nod32_antivirus_live_installer,

JRT,

tdsskiller,

AdwCleaner

ComboFix

Link to comment
Share on other sites

Hi Icedog101

It was a battle wasn't it?, but we won.

 

I'll be glad to show you how to remove those tools used and I can give recommendations what to keep and use on your computer to help keep it secure.

 

Don't miss or skip this next step, this will remove malicious files from quarantine and set a clean restore point.

 

Go to Start > Run > copy and paste the full text path in the run box

 

ComboFix /Uninstall

 

Note the space between the x and the /U, it needs to be there.

 

********************

 

Open notepad. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy.

Paste this into the open notepad. save it to the Desktop as fixlist.txt

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

 

Run FRST/FRST64 and press the Fix button just once and wait.

no needed to post the log this time.

start

DeleteQuarantine:

end

******************

 

Remove Tools Used :

 

Clean up with Delfix

 

Download "Delfix by Xplode" and save it to your desktop.

  • Double Click to start the program

    If you are using Vista or higher, please right-click and choose run as administrator

    Make Sure the following items are checked:

    • Remove disinfection tools
    • Create registry backup
    • Purge System Restore
    Now click on " Run " and wait patiently until the tool have completed.

     

    Any other tools and files found can simply be deleted or uninstall via Add/Remove Programs in the Control Panel etc.

**********************

 

Your good to go, good job!

 

Please take the time to read over a few of my preventive tips.

 

Computer Security

http://malwareremoval.com/forum/viewtopic.php?p=557960#p557960

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Be prepared for CryptoLocker:

 

Cryptolocker Ransomware: What You Need To Know

 

CryptoLocker Ransomware Information Guide and FAQ

 

to help protect your computer in the future I recommend that you get the following free programmes:

 

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

 

CryptoPrevent.JPG

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Please navigate to Microsoft Windows Updates and download all the "Critical Updates" for Windows.

 

 

Firefox 3

The award-winning Web browser is now faster, more secure, and fully customizable to your online life. With Firefox 3, added powerful new features that make your online experience even better. It has more features and is a lot more secure than IE. It is a very easy and painless download and install, it will no way interfere with IE, you can use them both.

*NoScript - Addon for Firefox that stops all scripts from running on websites. Stops malicious software from invading via flash, java, javascript, and many other entry points.

 

AdblockPlus

  • AdblockPlus, Surf the web without annoying ads!
  • Blocks banners, pop-ups and video ads - even on Facebook and YouTube
  • Protects your online privacy
  • Two-click installation, It's free!
  • click the icon that corresponds to your browser and download.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

WOT Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites - green to go, yellow for caution and red to stop, helping you avoid the dangerous sites. WOT has an addon available for both Firefox and IE.

Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.
  • It is possible for other programs on your computer to have security vulnerability that can allow malware to infect you.
  • Therefore, it is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities.
  • You can check these by visiting Secunia Software Inspector or you can use the following application for this purpose PatchMyPC
Link to comment
Share on other sites

Hi Juliet,

 

Happy 4th of July to you and your Family.

 

Yes it was a battle, we did clear the problem, but like you say we have to be careful. I am thankful for all your knowledge, because I would not have been able to do this all by myself.

 

I am glad that you dedicate your time to help people solve problems in this technological time.

I can search for solutions , but I can not determine what files are bad to delete or leave alone.

 

Thank You to You, and your colleges for helping people lucking technological experiences fixing these problems.

 

I uninstalled combo fix.

 

I did the scan with FRST/FRST64 and the final result was:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-07-2014
Ran by John at 2014-07-03 16:36:15 Run:3
Running from C:\Users\John\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
DeleteQuarantine:
end
*****************

"C:\FRST\Quarantine" => Could not be removed.
C:\FRST\Quarantine => Failed to delete.


==== End of Fixlog ====

 

 

Delfix was done.

 

WOT I have that in the Firefox toolbar.

 

CryptoPrevent, I installed and I can see that is to protect from the new treat of locking your system for ransom. Thanks for the info about this.

 

OutpostSecuritySuiteInstall64, Is it OK to install in the system alongside with Microsoft Security, Essentials?

 

I installed NoScript and I am learning what I can do with it.

 

P2P I don`t use.

 

 

Thank You.

Link to comment
Share on other sites

 Share


×
×
  • Create New...