I've done everything I can to remove priceless but it just won't budge, hopefully you might be able to shed some light on how to remove it.
I couldn't upload the files so here they are
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01
Ran by GTCR (administrator) on GTCR-PC on 08-10-2014 20:17:48
Running from C:\Users\GTCR\Downloads
Loaded Profiles: GTCR & QBDataServiceUser18 (Available profiles: GTCR & QBDataServiceUser18)
Platform: Windows 7 Home Premium (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lavasoft Limited) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(iAnywhere Solutions, Inc.) C:\Program Files (x86)\Intuit\QuickBooks 2009-10\QBDBMgrN.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Dropbox, Inc.) C:\Users\GTCR\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
(Webshots.com) C:\Program Files (x86)\Webshots\Webshots.scr
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Lavasoft Limited) C:\Program Files (x86)\Ad-Aware Antivirus\AdAware.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(GFI Software) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Enigma Software Group USA, LLC.) C:\Config.Msi\f7b323.rbf
(BitTorrent Inc.) C:\Users\GTCR\AppData\Roaming\uTorrent\uTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775072 2010-04-23] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-04-23] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [320000 2009-04-09] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [ODDPwr] => C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [223264 2010-04-23] (Acer Incorporated)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-04-17] (Egis Technology Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2107176 2010-03-11] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2010-04-23] (Acer Incorporated)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2328944 2011-01-07] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [SBRegRebootCleaner] => C:\Program Files (x86)\Ad-Aware Antivirus\SBRC.exe [201608 2012-09-20] (GFI Software)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-04-17] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-09] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-04-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe [124136 2010-04-23] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [542104 2012-11-16] (Lavasoft)
HKLM-x32\...\Run: [Ad-Aware Antivirus] => "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [PennyBee] => C:\Program Files (x86)\PennyBee\PennyBeeW.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3936954855-2866150315-428727479-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [718208 2010-03-16] (Microsoft Corporation)
HKU\S-1-5-21-3936954855-2866150315-428727479-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-3936954855-2866150315-428727479-1000\...\MountPoints2: D - D:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3936954855-2866150315-428727479-1000\...\MountPoints2: {5ff20fec-126d-11e1-a8ac-4c0f6e755a32} - D:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3936954855-2866150315-428727479-1000\...\MountPoints2: {5ff2107b-126d-11e1-a8ac-4c0f6e755a32} - D:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3936954855-2866150315-428727479-1000\...\MountPoints2: {8f76d09e-4e0a-11e2-b821-60eb69563359} - D:\DPFMate.exe
HKU\S-1-5-21-3936954855-2866150315-428727479-1000\...\MountPoints2: {bdc77cfb-2331-11e0-aff5-806e6f6e6963} - G:\Fairyland_Magic_Final_V02.exe
HKU\S-1-5-21-3936954855-2866150315-428727479-1000\...\MountPoints2: {d622feda-8f46-11e2-abb6-60eb69563359} - E:\DPFMate.exe
HKU\S-1-5-21-3936954855-2866150315-428727479-1003\...\Run: [swg] => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-3936954855-2866150315-428727479-1003\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
IFEO: [Debugger] svchost.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\Users\GTCR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\GTCR\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\GTCR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\GTCR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk
ShortcutTarget: Webshots.lnk -> C:\Program Files (x86)\Webshots\Launcher.exe ()
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll (Egis Technology Inc.)
BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG10\avgchsva.exe /syncC:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: http=127.0.0.1:13956;https=127.0.0.1:13956
StartMenuInternet: IEXPLORE.EXE - C:\program files (x86)\Internet Explorer\iexplore.exe
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanner.ikea.com/AUW/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.fujifilmimagine.com/imagine/ax/ImageUploader5.cab
DPF: HKLM-x32 {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} http://www.shockwave.com/content/dinerdashfloonthego/sis/ddfotg.1.0.0.33.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\GTCR\AppData\Roaming\Mozilla\Firefox\Profiles\utkus4jw.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @abr.gov.au/KeyMgmtPlugin -> C:\Program Files (x86)\ABR\Plug-In\bin\npAUSkeyPlugin.dll (Commonwealth Government of Australia)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @csi.business.gov.au/CsiPlugin -> C:\Program Files (x86)\Common-Use Signing Interface\bin\npCsiPlugin.dll (Commonwealth Government of Australia)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\GTCR\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-07-27]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: No Name - C:\Users\GTCR\AppData\Roaming\Mozilla\Firefox\Profiles\utkus4jw.default\extensions\wrigtdamon@yahoo.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR Profile: C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (geography puzzles) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahhobhjcbloinpmfpfamnpcedjeiaedk [2014-05-07]
CHR Extension: (TIPP10 - Free touch typing tutor) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\akfcabopgpiohpfcjkpifbmoclclfkhn [2014-05-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (Google Search) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-07]
CHR Extension: (Pearson Knowledge Base) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmnokodmjdhcijlahebfcgacgapoojlj [2014-05-07]
CHR Extension: (PRiceLess) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghfaapjenfgankmgijojcaefnfdkedfh [2014-10-07]
CHR Extension: (10.000 Fonts) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdfmhfjkjcmcakafhednahpofkekjmjn [2014-05-07]
CHR Extension: (2048) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\hekhdfjankbhklfkjmnmnefcacndeoll [2014-05-07]
CHR Extension: (Typing Test - KeyHero) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcieoaeooeidmpaopkpjpjfakidlabm [2014-05-07]
CHR Extension: (Build with Chrome) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbbbhbjeecagnlfgggogfclkdjamoapf [2014-10-07]
CHR Extension: (Typing Test) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpibjemnhlefkohmjeempookiekhdjdj [2014-05-07]
CHR Extension: (TeacherTube) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbnaepfkikcjdhaciekglfcjnfbgpmdn [2014-05-07]
CHR Extension: (Google Wallet) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-07]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [1236368 2012-11-21] (Lavasoft Limited)
S4 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [820768 2010-04-23] (Acer Incorporated)
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S4 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
S4 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-04-17] (Egis Technology Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S4 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [250368 2010-03-09] (NewTech Infosystems, Inc.) [File not signed]
S4 ODDPwrSvc; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [171040 2010-04-23] (Acer Incorporated)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [20480 2009-06-30] (Intuit) [File not signed]
S4 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [68672 2009-06-30] (Intuit Inc.) [File not signed]
R2 QuickBooksDB18; C:\Program Files (x86)\Intuit\QuickBooks 2009-10\QBDBMgrN.exe [126016 2009-06-30] (iAnywhere Solutions, Inc.) [File not signed]
S4 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [244904 2010-02-03] () [File not signed]
S4 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
R2 SBAMSvc; C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
S4 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2012-12-04] (GFI Software)
S3 pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [82048 2011-03-05] (VSO Software) [File not signed]
S3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [13168 2011-07-13] (SMART Technologies ULC)
S3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [16368 2011-07-13] (SMART Technologies ULC)
S3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [24944 2011-07-13] (SMART Technologies ULC)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2011-04-22] () [File not signed]
R3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S1 SASDIFSV; \??\C:\Users\GTCR\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV64.SYS [X]
S1 SASKUTIL; \??\C:\Users\GTCR\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL64.SYS [X]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-08 20:17 - 2014-10-08 20:18 - 00026080 _____ () C:\Users\GTCR\Downloads\FRST.txt
2014-10-08 20:17 - 2014-10-08 20:17 - 00000000 ____D () C:\FRST
2014-10-08 20:16 - 2014-10-08 20:17 - 02109952 _____ (Farbar) C:\Users\GTCR\Downloads\FRST64.exe
2014-10-08 16:04 - 2014-10-08 16:04 - 00000000 _____ () C:\autoexec.bat
2014-10-08 16:03 - 2014-10-08 16:03 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-10-08 16:02 - 2014-10-08 20:00 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-10-08 16:00 - 2014-10-08 16:00 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\GTCR\Downloads\SpyHunter-Installer.exe
2014-10-08 08:28 - 2014-10-08 08:28 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{066BF116-4E92-428F-83C2-C2EE080FCDFA}
2014-10-07 14:00 - 2014-10-07 14:00 - 02339328 _____ () C:\Users\GTCR\Downloads\Terms of References slides SP3 2014 (1).msg
2014-10-07 13:58 - 2014-10-07 13:58 - 02339328 _____ () C:\Users\GTCR\Downloads\Terms of References slides SP3 2014.msg
2014-10-07 12:57 - 2014-10-07 13:00 - 93379512 _____ (Ingram Content Group) C:\Users\GTCR\Downloads\BookshelfSetup.exe
2014-10-07 12:37 - 2014-10-07 12:37 - 00000000 ____D () C:\Users\GTCR\AppData\Roaming\LaunchPad
2014-10-07 11:19 - 2014-10-07 11:19 - 00175616 _____ () C:\Users\GTCR\Downloads\B1-20091.ppt
2014-10-07 11:18 - 2014-10-07 11:18 - 00116472 _____ () C:\Users\GTCR\Downloads\APAC128.zip
2014-10-07 10:42 - 2014-10-07 10:43 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{0C0F8FA4-BB1D-48D2-8645-23DFB688B93C}
2014-10-07 03:44 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-10-07 03:42 - 2014-10-07 03:45 - 00000000 ____D () C:\AdwCleaner
2014-10-07 03:42 - 2014-10-07 03:42 - 01375089 _____ () C:\Users\GTCR\Downloads\AdwCleaner.exe
2014-10-07 03:24 - 2014-10-07 03:24 - 04603208 _____ (Google) C:\Users\GTCR\Downloads\software_removal_tool (2).exe
2014-10-07 03:24 - 2014-10-07 03:24 - 00001984 _____ () C:\Users\GTCR\Downloads\software_removal_tool (2).log
2014-10-07 03:17 - 2014-10-07 03:17 - 04603208 _____ (Google) C:\Users\GTCR\Downloads\software_removal_tool (1).exe
2014-10-07 03:17 - 2014-10-07 03:17 - 00001490 _____ () C:\Users\GTCR\Downloads\software_removal_tool (1).log
2014-10-07 03:16 - 2014-10-07 03:16 - 04603208 _____ (Google) C:\Users\GTCR\Downloads\software_removal_tool.exe
2014-10-07 03:16 - 2014-10-07 03:16 - 00004317 _____ () C:\Users\GTCR\Downloads\software_removal_tool.log
2014-10-07 02:29 - 2014-10-08 08:37 - 00002187 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-07 02:29 - 2014-10-07 02:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-07 02:26 - 2014-10-07 02:27 - 00000000 ____D () C:\Users\GTCR\AppData\Local\Deployment
2014-10-07 02:26 - 2014-10-07 02:26 - 00000000 ____D () C:\Users\GTCR\AppData\Local\Apps\2.0
2014-10-07 02:19 - 2014-10-07 03:02 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2014-10-07 02:18 - 2014-10-07 02:19 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool
2014-10-07 01:50 - 2014-10-07 01:51 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\GTCR\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-10-07 01:30 - 2014-10-07 01:30 - 31766208 _____ (Microsoft Corporation) C:\Users\GTCR\Downloads\Windows-KB890830-x64-V5.16.exe
2014-10-07 01:07 - 2014-10-07 01:07 - 00003140 _____ () C:\Windows\System32\Tasks\{067AFBAA-9F3C-4E80-94D3-0FCD279AC129}
2014-10-07 00:43 - 2014-10-07 00:44 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\GTCR\Downloads\mbam-setup-2.0.2.1012.exe
2014-10-07 00:33 - 2014-10-07 00:33 - 00003142 _____ () C:\Windows\System32\Tasks\{6803F45B-5035-437F-98C8-69EF77F28964}
2014-10-07 00:33 - 2014-10-07 00:33 - 00003142 _____ () C:\Windows\System32\Tasks\{1FA28E15-EA6A-4A1B-B876-9DC144E6810D}
2014-10-07 00:25 - 2014-10-07 00:25 - 00000000 ____D () C:\Users\GTCR\AppData\Local\com
2014-10-07 00:24 - 2014-10-07 00:24 - 00000000 ___HD () C:\Users\Public\Temp
2014-10-07 00:22 - 2014-10-07 00:50 - 00000000 ____D () C:\ProgramData\70be09a3a3458b54
2014-10-07 00:22 - 2014-10-07 00:22 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\QBDataServiceUser18\AppData\Local\Google
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\QBDataServiceUser18\AppData\Local\Comodo
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\Guest
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\GTCR\AppData\Local\Comodo
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Google
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Comodo
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\ASPNET
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\Administrator
2014-10-07 00:03 - 2014-10-07 00:11 - 00013382 ____H () C:\Users\GTCR\Documents\~WRL0003.tmp
2014-10-06 22:42 - 2014-10-06 22:42 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{F8B24AD9-815B-4286-AE81-FEEDF477B491}
2014-10-06 07:46 - 2014-10-06 07:46 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{C4F6C018-F812-4BBF-8771-76C122F84E58}
2014-10-06 07:36 - 2014-10-08 01:09 - 00000000 ____D () C:\Users\GTCR\AppData\Local\ICSharpCode.net
2014-10-06 00:10 - 2014-10-06 00:10 - 00000047 _____ () C:\Users\GTCR\AppData\Roaming\WB.CFG
2014-10-05 15:11 - 2014-10-08 20:11 - 00000288 _____ () C:\Windows\Tasks\PennyBee.job
2014-10-05 15:11 - 2014-10-05 15:11 - 00003224 _____ () C:\Windows\System32\Tasks\PennyBee
2014-10-05 15:10 - 2014-10-05 15:10 - 00000000 ____D () C:\Users\GTCR\AppData\Local\Sparta
2014-10-05 12:50 - 2014-10-05 12:50 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{E7EA85F2-839A-4380-9571-F3059CBEB7B7}
2014-10-05 08:26 - 2014-10-05 08:26 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{97DA6265-6077-47C2-AB0D-2BC43042DEEF}
2014-10-04 14:57 - 2014-10-04 14:57 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{48969439-9BBD-4853-A747-806D81759A3B}
2014-10-03 15:30 - 2014-10-03 15:59 - 00000000 ____D () C:\Users\GTCR\Downloads\How to Train Your Dragon 2 2014 1080p WEB-DL x264 AC3-JYK
2014-10-03 14:53 - 2014-10-08 11:59 - 00000000 ____D () C:\Users\GTCR\Downloads\Escape from Planet Earth 2013 720p BRRip x264 AC3-JYK
2014-10-03 14:51 - 2014-10-03 15:19 - 00000000 ____D () C:\Users\GTCR\Downloads\Hoodwinked[2005]DvDrip.AC3[Eng]-aXXo
2014-10-03 14:45 - 2014-10-03 14:47 - 00000000 ____D () C:\Users\GTCR\Downloads\Rio.2.2014.720p.BluRay.x264-x0r
2014-10-03 14:20 - 2014-10-03 15:12 - 00000000 ____D () C:\Users\GTCR\Downloads\Rio (2011)
2014-10-03 13:27 - 2014-10-03 13:27 - 00000000 ____D () C:\Users\GTCR\Downloads\Madagascar 3
2014-10-03 13:19 - 2014-10-03 13:31 - 00000000 ____D () C:\Users\GTCR\Downloads\Greys Anatomy S11E02 HDTV x264-LOL[ettv]
2014-10-03 11:03 - 2014-10-03 11:03 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{B57C31CB-0311-4FF0-8325-5BAD281762E6}
2014-10-02 21:44 - 2014-10-02 21:44 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{347ED864-F3F8-4E7F-9C33-85F9E7DDE50C}
2014-10-02 09:44 - 2014-10-02 09:44 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{E44332C0-35F0-4B81-8608-E9AD73CF766C}
2014-10-01 23:09 - 2014-10-01 23:12 - 82364689 _____ () C:\Users\GTCR\Downloads\_02_yoga_nidra_with_shar (1).m4a
2014-10-01 23:06 - 2014-10-01 23:09 - 82364689 _____ () C:\Users\GTCR\Downloads\_02_yoga_nidra_with_shar.m4a
2014-10-01 21:43 - 2014-10-01 21:44 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{F81C6D3C-22F5-4F01-BD00-1A144535E30D}
2014-10-01 09:42 - 2014-10-01 09:42 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{835917F4-C271-442E-A55C-76997B764D70}
2014-09-30 21:14 - 2014-09-30 21:14 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{4EABE340-2C5C-4457-AA8E-B86EEC8E735A}
2014-09-30 09:14 - 2014-09-30 09:14 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{A0253E92-76F3-4B66-8C6C-FB1915E4AFD3}
2014-09-29 21:13 - 2014-09-29 21:13 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{80C334D7-B28B-45E6-9ED0-74401F566E5D}
2014-09-29 09:12 - 2014-09-29 09:13 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{E3B24BFB-E841-46E8-B608-40F433E45CE0}
2014-09-28 21:12 - 2014-09-28 21:12 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{159532C7-DF8E-4233-9A41-648238A1B81D}
2014-09-28 09:11 - 2014-09-28 09:12 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{D7A562AA-8379-49CB-B816-3D9A4664FA7B}
2014-09-27 09:15 - 2014-09-27 09:16 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{77F6A645-7F88-4048-9609-B8C5178F319E}
2014-09-26 19:59 - 2014-09-26 21:40 - 00000000 ____D () C:\Users\GTCR\Downloads\Greys Anatomy S11E01 HDTV x264-LOL[ettv]
2014-09-26 09:52 - 2014-09-26 09:52 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{B56D63B1-5A38-4FCD-A7EA-B38BE5A2C930}
2014-09-25 21:51 - 2014-09-25 21:51 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{0ECB58AF-F36E-4CF6-AF8A-50FF9C8E2BF0}
2014-09-25 09:51 - 2014-09-25 09:51 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{EE7B2855-415D-4559-BCD9-C7368EE08524}
2014-09-24 21:10 - 2014-09-24 21:10 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{A48DD306-4334-4E56-9C5E-00FBAA3651AF}
2014-09-24 09:09 - 2014-09-24 09:09 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{4940188D-E156-4DA3-9D6C-A376F30D87EA}
2014-09-23 20:59 - 2014-09-23 20:59 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{F7638106-D9C2-469D-91F8-4D9233D52A57}
2014-09-23 16:28 - 2014-09-23 16:28 - 00651284 _____ () C:\Users\GTCR\Downloads\mp-gps-all-marine-parks-kmz.zip
2014-09-23 08:41 - 2014-09-23 08:41 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{737E8E5B-F8CB-45EB-ADCC-EB081042222C}
2014-09-22 20:31 - 2014-09-22 20:31 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{2F560E68-E72E-4D43-9AC4-98C390DD7099}
2014-09-22 20:06 - 2014-09-22 20:06 - 08405237 _____ () C:\Users\GTCR\Downloads\Week 3 Group Assignment Final Draft-3 (1).pptx
2014-09-22 20:02 - 2014-09-22 20:02 - 08405237 _____ () C:\Users\GTCR\Downloads\Week 3 Group Assignment Final Draft-3.pptx
2014-09-22 19:31 - 2014-09-22 19:44 - 08454890 _____ () C:\Users\GTCR\Downloads\Week 3 Group Assignment Final Draft-1.pptx
2014-09-22 14:18 - 2014-09-22 14:39 - 05843900 _____ () C:\Users\GTCR\Downloads\indigenous presentation Tamara updated (1).pptx
2014-09-22 13:26 - 2014-09-22 13:26 - 05835741 _____ () C:\Users\GTCR\Downloads\indigenous presentation Tamara updated.pptx
2014-09-22 12:00 - 2014-09-22 13:00 - 06821145 _____ () C:\Users\GTCR\Downloads\indigenous presentation.pptx
2014-09-22 11:57 - 2014-09-22 11:57 - 02090967 _____ () C:\Users\GTCR\Downloads\Week 2 Teaching Presentation (2).pptx
2014-09-22 08:31 - 2014-09-22 08:31 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{AE8F22D5-6A6F-4F6F-8C63-67669D866586}
2014-09-21 21:22 - 2014-09-21 21:22 - 02090967 _____ () C:\Users\GTCR\Downloads\Week 2 Teaching Presentation (1).pptx
2014-09-21 19:40 - 2014-09-21 19:40 - 02090967 _____ () C:\Users\GTCR\Downloads\Week 2 Teaching Presentation.pptx
2014-09-21 16:35 - 2014-09-21 16:35 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{798769FE-8330-4F08-B748-C0E301674727}
2014-09-20 21:14 - 2014-09-20 21:14 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{E4C49646-60C3-446E-9B23-D98665321519}
2014-09-20 09:13 - 2014-09-20 09:14 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{530147D3-9AED-474E-81BF-C8BF8002CE3F}
2014-09-19 17:13 - 2014-09-19 17:13 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{F7084ED9-1B21-49F4-A1C5-16DA84C2C719}
2014-09-19 15:42 - 2014-09-19 15:42 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{AA3AB102-AD45-4EAF-ACCA-850B80530CEF}
2014-09-18 21:15 - 2014-09-18 21:15 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{0E8DF272-8A32-4C18-8974-96E44F039158}
2014-09-18 15:15 - 2014-09-18 15:15 - 00188416 _____ () C:\Users\GTCR\Downloads\schlechty-3.ppt.pps
2014-09-18 09:14 - 2014-09-18 09:14 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{4FEB0DCC-7EF2-4032-BF93-AA6B0C5CED4E}
2014-09-17 20:34 - 2014-09-17 20:35 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{7BABA4A7-CAF3-4AFE-B2FB-451ECC2E731C}
2014-09-17 11:20 - 2014-09-17 11:37 - 00000000 ____D () C:\Users\GTCR\Downloads\snorks
2014-09-17 11:18 - 2014-09-17 11:18 - 00000000 ____D () C:\Users\GTCR\Downloads\[ www.torrenting.com ] - The.Snorks.S01E04.The.New.Neighbors.DVDRiP.x264-RAiNDEER
2014-09-17 08:16 - 2014-09-17 08:16 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{EBB00402-F68C-4EBF-A30A-2A9419D1671E}
2014-09-16 10:19 - 2014-09-16 10:19 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{7E43BD04-1D4E-4F83-814B-DEDA303EC590}
2014-09-15 21:02 - 2014-09-15 21:02 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{F2643CFA-612C-4743-8916-288509BF27EF}
2014-09-15 08:46 - 2014-09-15 08:46 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{18D26AD3-8A48-4675-AC4E-E12BDAEE6421}
2014-09-14 08:00 - 2014-09-14 08:01 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{1958D315-5989-47A2-8AAF-0FEF4258D7AC}
2014-09-13 17:14 - 2014-09-13 17:14 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{6F9FD9A8-B7C5-44B6-A280-297A4B1BFCA6}
2014-09-12 11:05 - 2014-09-12 11:06 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{8D607AC1-EB32-40AC-AA02-7E5A71E53219}
2014-09-11 22:31 - 2014-09-11 22:31 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{06583D44-9BF7-4DF3-B40E-7BEDD12A2F3B}
2014-09-11 10:30 - 2014-09-11 10:30 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{96CA0913-D38D-4FEA-B379-FFAB0D3C0E31}
2014-09-10 22:02 - 2014-09-10 22:02 - 00001930 _____ () C:\Users\Public\Desktop\Play Burger Shop.lnk
2014-09-10 22:02 - 2014-09-10 22:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Burger Shop
2014-09-10 22:02 - 2014-09-10 22:02 - 00000000 ____D () C:\Program Files (x86)\Burger Shop
2014-09-10 21:58 - 2014-09-10 21:58 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{7439C0AF-0910-44B0-A703-649FE64BA494}
2014-09-10 20:52 - 2014-09-10 22:03 - 00000000 ____D () C:\ProgramData\GoBit Games
2014-09-10 20:52 - 2014-09-10 22:02 - 00001252 _____ () C:\Users\Public\Desktop\More Great Games.lnk
2014-09-10 20:52 - 2014-09-10 20:52 - 00001950 _____ () C:\Users\Public\Desktop\Play Burger Shop 2.lnk
2014-09-10 20:52 - 2014-09-10 20:52 - 00000000 ____D () C:\Users\GTCR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Burger Shop 2
2014-09-10 20:52 - 2014-09-10 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Burger Shop 2
2014-09-10 20:52 - 2014-09-10 20:52 - 00000000 ____D () C:\Program Files (x86)\Burger Shop 2
2014-09-10 09:57 - 2014-09-10 10:03 - 42807296 _____ () C:\Users\GTCR\Downloads\BlackboardCollaborateLauncher-Win.msi
2014-09-10 09:57 - 2014-09-10 09:57 - 00009623 _____ () C:\Users\GTCR\Downloads\play.collab
2014-09-10 08:15 - 2014-09-10 08:15 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{0C5C17E8-F298-4BF2-AA49-25C8B419463D}
2014-09-09 22:50 - 2014-09-09 22:50 - 00000000 ____D () C:\Users\GTCR\AppData\Local\JollyBear
2014-09-09 22:50 - 2014-09-09 22:50 - 00000000 ____D () C:\ProgramData\JollyBear
2014-09-09 22:48 - 2014-09-09 22:48 - 00000000 ____D () C:\ProgramData\Big Fish
2014-09-09 22:47 - 2014-09-11 08:09 - 00000000 ____D () C:\BigFishCache
2014-09-09 22:47 - 2014-09-09 22:49 - 00000000 ____D () C:\Users\GTCR\AppData\Local\Big Fish
2014-09-09 20:04 - 2014-09-09 20:04 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{C5458159-672E-4B17-BA5E-184AE4712E64}
2014-09-09 13:27 - 2014-09-09 13:27 - 02130021 _____ () C:\Users\GTCR\Downloads\Indigenous Australian Education Week 1 SP3 2014 OUA .pptx
2014-09-09 11:27 - 2014-09-09 11:28 - 107959339 _____ () C:\Users\GTCR\Downloads\media.m4v
2014-09-09 08:04 - 2014-09-09 08:04 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{3A147932-E4F1-40B5-A2C8-B5E7119C2797}
2014-09-08 13:01 - 2014-09-08 13:02 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{076E5288-0B4E-4EB6-B17B-EFCB587AA060}
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-08 20:17 - 2011-04-20 13:25 - 00000000 ____D () C:\Users\GTCR\AppData\Roaming\uTorrent
2014-10-08 19:40 - 2012-10-22 21:06 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-08 19:33 - 2011-02-12 16:42 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-08 19:29 - 2009-07-14 15:43 - 00799862 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-08 17:38 - 2011-01-19 05:08 - 01685571 _____ () C:\Windows\WindowsUpdate.log
2014-10-08 15:38 - 2009-07-14 15:15 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-08 15:38 - 2009-07-14 15:15 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-08 15:33 - 2011-08-13 10:00 - 00000000 ___RD () C:\Users\GTCR\Dropbox
2014-10-08 15:32 - 2011-08-13 09:59 - 00000000 ____D () C:\Users\GTCR\AppData\Roaming\Dropbox
2014-10-08 15:30 - 2012-12-04 15:10 - 00001872 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-10-08 15:30 - 2012-12-04 15:08 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-10-08 15:30 - 2011-02-12 16:42 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-08 15:30 - 2009-07-14 15:38 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-08 15:30 - 2009-07-14 15:21 - 00238374 _____ () C:\Windows\setupact.log
2014-10-08 08:23 - 2013-02-24 17:21 - 00000000 ____D () C:\Users\GTCR\AppData\Local\CrashDumps
2014-10-07 22:25 - 2011-01-18 11:05 - 00000000 ____D () C:\ProgramData\Temp
2014-10-07 14:02 - 2013-03-04 16:23 - 00000000 ____D () C:\Users\GTCR\Documents\Outlook Files
2014-10-07 03:46 - 2011-01-19 05:05 - 00279644 _____ () C:\Windows\PFRO.log
2014-10-07 02:28 - 2011-02-12 16:42 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-07 02:28 - 2011-02-12 16:42 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-07 02:27 - 2010-05-14 14:35 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-07 01:19 - 2009-07-14 13:50 - 00000000 ____D () C:\Windows\IME
2014-10-07 01:17 - 2011-01-18 10:45 - 00000000 ____D () C:\Users\GTCR
2014-10-07 00:45 - 2011-06-28 12:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-07 00:38 - 2011-01-18 10:51 - 00001447 _____ () C:\Users\GTCR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-07 00:38 - 2011-01-18 10:51 - 00001413 _____ () C:\Users\GTCR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-10-07 00:29 - 2009-07-14 16:02 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-07 00:21 - 2011-02-03 15:42 - 00000000 ____D () C:\Users\GTCR\AppData\Local\Google
2014-10-07 00:21 - 2009-07-14 13:50 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-10-07 00:21 - 2009-07-14 13:50 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-10-06 11:11 - 2012-05-20 22:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-05 17:58 - 2011-03-08 12:35 - 00000000 ____D () C:\Users\GTCR\Documents\My Scans
2014-10-05 09:43 - 2013-03-22 18:03 - 00000000 ____D () C:\Users\GTCR\AppData\Roaming\.minecraft
2014-09-30 17:03 - 2011-02-10 13:51 - 00000000 ____D () C:\Users\GTCR\Documents\Tamara
2014-09-29 23:44 - 2011-02-10 13:51 - 00000000 ____D () C:\Users\GTCR\Documents\GT Fishing Charters
2014-09-29 23:20 - 2011-09-23 21:26 - 00000000 ____D () C:\Users\GTCR\AppData\Roaming\AUSkey
2014-09-24 22:40 - 2012-10-22 21:06 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 22:40 - 2012-05-02 23:22 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 22:40 - 2011-10-12 12:11 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-23 08:48 - 2014-01-12 18:01 - 02745856 ___SH () C:\Users\GTCR\Downloads\Thumbs.db
2014-09-18 15:03 - 2011-08-13 09:59 - 00000000 ____D () C:\Users\GTCR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-18 15:03 - 2011-03-13 22:52 - 00007120 _____ () C:\Windows\wininit.ini
2014-09-17 12:37 - 2014-09-04 21:33 - 00000000 ____D () C:\Users\GTCR\Downloads\Chasing Life S01E04 HDTV x264-LOL[ettv]
2014-09-17 12:37 - 2014-09-04 21:29 - 00000000 ____D () C:\Users\GTCR\Downloads\Chasing Life S01E03 HDTV x264-LOL[ettv]
2014-09-15 09:06 - 2011-02-13 22:18 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-09 22:49 - 2012-02-10 22:24 - 00001931 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk
2014-09-09 22:49 - 2012-02-10 22:24 - 00001248 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\More Great Games.lnk
2014-09-09 22:49 - 2012-02-10 22:24 - 00000000 ____D () C:\Program Files (x86)\bfgclient
2014-09-09 22:48 - 2011-03-07 23:06 - 00000000 ____D () C:\ProgramData\Big Fish Games
2014-09-09 18:46 - 2014-09-04 21:19 - 00000000 ____D () C:\Users\GTCR\Downloads\Chasing Life S01E02 HDTV x264-LOL[ettv]
Some content of TEMP:
====================
C:\Users\GTCR\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjaluhb.dll
C:\Users\GTCR\AppData\Local\Temp\ose00000.exe
C:\Users\GTCR\AppData\Local\Temp\ose00001.exe
C:\Users\GTCR\AppData\Local\Temp\Quarantine.exe
C:\Users\GTCR\AppData\Local\Temp\SHSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-07 08:48
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2014 01
Ran by GTCR at 2014-10-08 20:19:27
Running from C:\Users\GTCR\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Lavasoft Ad-Aware (Enabled - Up to date) {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Lavasoft Ad-Aware (Enabled - Up to date) {5BB89C30-6480-BC7C-9F17-199BD76F557A}
FW: Lavasoft Ad-Aware (Disabled) {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)
4500_G510af_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510af (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 4.0.7615 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 4.0.7615 - CyberLink Corp.) Hidden
Acer Arcade Movie (x32 Version: 9.0.6423 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.60 - NewTech Infosystems)
Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.3.0 - liteon)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3011 - Acer Incorporated)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.02.3003 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0222.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3002 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Ad-Aware Antivirus (HKLM-x32\...\{e05859e4-7455-4d01-a9dc-1da760a5d903}) (Version: 10.4.43.4155 - Lavasoft)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.3.0.3650 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.3.0.3650 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.0.626 - Adobe Systems, Inc.)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}) (Version: 1.2.17.05001 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.17.05001 - Alcor Micro Corp.) Hidden
Any Audio Converter 3.3.8 (HKLM-x32\...\Any Audio Converter_is1) (Version: - Any-Audio-Converter.com)
Any Video Converter 3.2.3 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.23 - Atheros Communications Inc.)
Atheros_7.0.2.13_patch2_64 (HKLM-x32\...\{2D13FC7D-42A8-4BF1-AF0C-B3DC68C59448}_is1) (Version: - Atheros)
ATI Catalyst Install Manager (HKLM\...\{F5816A09-786E-C91D-3D99-8A8C92648750}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
AUSkey software 1.4.0.6 (HKLM-x32\...\{FF7DD5BE-42FF-44B8-AF36-4A46CD2C6D42}) (Version: 1.4.0.6 - ABR)
Backup Manager Basic (x32 Version: 2.0.0.60 - NewTech Infosystems) Hidden
Banished v1.0.0 64-bit (HKLM\...\{72C32B02-0B78-45F8-8528-2C93F62A7B47}) (Version: 1.0.0 - Shining Rock Software LLC)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
BigPond Broadband ADSL (HKLM-x32\...\{433A39B0-380C-4634-93FE-12A812954F5B}) (Version: 9.2 - BigPond)
Blackboard Collaborate Launcher (HKLM-x32\...\{77A1A81A-8986-45A5-863E-9DDD2C753205}) (Version: 1.1.0.0 - Blackboard)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Burger Shop (HKLM-x32\...\BFG-Burger Shop) (Version: - )
Burger Shop 2 (HKLM-x32\...\BFG-Burger Shop 2) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0421.657.10561 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0421.657.10561 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0421.657.10561 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0421.657.10561 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0421.657.10561 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0421.657.10561 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0421.657.10561 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help English (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help French (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help German (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0421.657.10561 - ATI) Hidden
ccc-utility64 (Version: 2010.0421.657.10561 - ATI) Hidden
Common-Use Signing Interface (HKLM-x32\...\Common-Use Signing Interface) (Version: - Commonwealth Government of Australia)
Common-Use Signing Interface (x32 Version: 3.1.19 - Australian Taxation Office) Hidden
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - CutePDF.com)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Dinosaurs Alive (HKLM-x32\...\Dinosaurs Alive) (Version: 2.0 - ARIUX)
DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
EasyWeather (HKLM-x32\...\{CE1B03BC-3C99-4580-A2AC-A41DB9B83378}) (Version: - 1.0)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Fairyland Magic (HKLM-x32\...\Fairyland Magic) (Version: 2.0 - ARIUX)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Free YouTube Downloader 3.5.126 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version: - HOW Inc.)
Garmin HomePort (HKLM-x32\...\{F9E97B3C-A505-464B-BA60-D292B25A2F08}) (Version: 2.2.5 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{CCB71FF8-DE82-469C-8641-44378F4443EB}) (Version: 2.5.4 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510a-f (HKLM\...\{C98517B6-DCE9-49B7-B19E-E384178D3986}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
ISI ResearchSoft - Export Helper (HKLM-x32\...\ISI ResearchSoft - Export Helper) (Version: - )
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 2 Runtime Environment, SE v1.4.2_19 (HKLM-x32\...\{7148F0A8-6813-11D6-A77B-00B0D0142190}) (Version: 1.4.2_19 - Sun Microsystems, Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.7 - Acer Inc.)
MapSend BlueNav Oceania (HKLM-x32\...\{2E1FB029-CDF7-411E-BB46-FE1F310424D7}) (Version: - )
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
MediaShow Espresso (x32 Version: 5.5.1403_23691 - CyberLink Corp.) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.0 (HKLM\...\{2BF35D84-6377-4F70-9F39-97CF67E67FFF}) (Version: 8.01.249.0 - Microsoft)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyWinLocker (x32 Version: 3.1.210.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.210.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.210.0 - Egis Technology Inc.) Hidden
NavDesk 7.30 (HKLM-x32\...\{AB756389-9A03-44f3-ABAF-3699C01B4868}-Navman-7.30) (Version: 7.30.0113.178 - Navman Technology NZ Limited)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Optical Drive Power Management (HKLM-x32\...\{AE09C972-EEB2-4DA5-8090-0FCF54576854}) (Version: 1.01.3007 - Acer Incorporated)
Photo Story 3 for Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.11 - Microsoft Corporation)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickBooks Premier Edition 2009-10 (HKLM-x32\...\{BB49AC20-B123-49d7-81D1-A64F81C5B37E}) (Version: - )
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6096 - Realtek Semiconductor Corp.)
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Serif PanoramaPlus Starter Edition (HKLM-x32\...\{64AEB598-E518-4AD0-B02B-99F365B8054C}) (Version: 2.0.0.001 - Serif (Europe) Ltd)
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SMART Common Platform (HKLM-x32\...\{0E5DD7A3-BE29-430C-970B-C553F4A58C39}) (Version: 10.8.159.0 - SMART Technologies ULC)
SMART English (United Kingdom) Language Pack (HKLM-x32\...\{660B0281-20C5-4FC9-A249-40C860262435}) (Version: 10.8.76.0 - SMART Technologies ULC)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.14 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\InstallShield_{2EFEAD58-3311-4B2B-9D8A-8D663581D109}) (Version: 2.2.0.0 - Splashtop Inc.)
Splashtop Streamer (x32 Version: 2.2.0.0 - Splashtop Inc.) Hidden
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SupportSoft Assisted Service (HKLM-x32\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.12.0 - Synaptics Incorporated)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Ultra File Opener (HKCU\...\Ultra File Opener) (Version: 4.1.3.75 - CompuClever Systems Inc.)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VitalSource Bookshelf (HKLM-x32\...\{ACBF0550-A317-4C22-AC93-0DDB73087412}) (Version: 6.01.0018 - Ingram Content Group)
WAV MP3 Converter 4.2 Build 1259 (HKLM-x32\...\WAV MP3 Converter 4.2 Build 1259) (Version: - )
Web Easy Professional (x32 Version: 9.0.0 - Avanquest) Hidden
Web Easy Professional 9 (HKLM-x32\...\{7AA8BEEE-1A70-44D4-B57E-FFECC31500B6}) (Version: 9 - Avanquest)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Webshots Desktop (HKLM-x32\...\Webshots Desktop_is1) (Version: - CNET Networks)
Wedding Dash 2: Rings Around the World (HKLM-x32\...\BFG-Wedding Dash 2 - Rings Around the World) (Version: - )
Wedding Dash 4-Ever (HKLM-x32\...\BFG-Wedding Dash 4-Ever) (Version: - )
Wedding Dash: Ready, Aim, Love (HKLM-x32\...\BFG-Wedding Dash - Ready, Aim, Love) (Version: - )
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.01.3002 - Acer Incorporated)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.4300 - Broadcom Corporation)
Windows Driver Package - Atheros Communications Inc. (arusb_lhx) Net (09/25/2008 3.1.0.101) (HKLM\...\B090418E214D6BD6EE18A512A8EE609225AC9279) (Version: 09/25/2008 3.1.0.101 - Atheros Communications Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - NETGEAR Inc. (RTL8187) Net (12/01/2006 6.1258.1201.2006) (HKLM\...\5AF8BE22A56B38B1816F36BAC6A71F1277E45440) (Version: 12/01/2006 6.1258.1201.2006 - NETGEAR Inc.)
Windows Driver Package - Thomson (USB_RNDIS) Net (02/15/2007 2.0.0.0) (HKLM\...\2CA3B8348CD526E9B8928840AC68738C5B5A4F8F) (Version: 02/15/2007 2.0.0.0 - Thomson)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Client Runtime (HKLM\...\{84374E3C-60E0-4810-965F-BA05C1BC1D8C}) (Version: 7.250.4226.0 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.00 beta 5 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.00.5 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3936954855-2866150315-428727479-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\GTCR\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3936954855-2866150315-428727479-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\GTCR\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3936954855-2866150315-428727479-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\GTCR\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3936954855-2866150315-428727479-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\GTCR\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3936954855-2866150315-428727479-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\GTCR\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3936954855-2866150315-428727479-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\GTCR\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3936954855-2866150315-428727479-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\GTCR\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3936954855-2866150315-428727479-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\GTCR\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3936954855-2866150315-428727479-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\GTCR\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
22-09-2014 04:42:31 Removed WinZip 18.5
28-09-2014 09:30:26 Windows Backup
05-10-2014 04:50:48 RCP Sun, Oct 05, 14 15:20
05-10-2014 08:30:18 Windows Backup
06-10-2014 13:59:59 Removed ASUS Android USB Drivers.
06-10-2014 14:38:10 Removed MySafeProxy for Internet Explorer
08-10-2014 05:17:28 Windows Update
08-10-2014 05:32:28 Installed SpyHunter
08-10-2014 09:22:57 Removed SpyHunter
08-10-2014 09:28:43 Removed SpyHunter
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-10-08 16:04 - 2014-10-08 16:04 - 00000000 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {077BAA98-09B9-40FF-9867-6C51DE97EEAE} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3936954855-2866150315-428727479-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {086478D1-6613-47FE-BD58-47AE628345DA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {106C1F53-F968-465C-936A-89E8453D2604} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3936954855-2866150315-428727479-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {18B31C99-588B-48F3-BDE9-270F2234C74B} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-01-07] (Microsoft Corporation)
Task: {1C166ACA-086D-40BF-9CD6-599DD8761D8C} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Safe Web Lite\Engine\2014.5.0.67\SymErr.exe
Task: {1EECFA58-81C0-4209-953D-B9654CAAAF46} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {201D3D1B-999C-418B-8ACC-F094ECFBE2A7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {24D91765-19E4-4C8D-86CC-D4E81407C343} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {2B2EA9DD-C82C-4732-A2AA-A75951D983CD} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3936954855-2866150315-428727479-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {2B658D13-D32C-4419-994A-E992F77189CF} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {2F5DE78B-EE9C-493A-8535-87C950F11979} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3936954855-2866150315-428727479-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {47073AEF-56A7-45A7-952E-434A5BD58EE5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-07] (Google Inc.)
Task: {568D01FA-5595-4C60-88BA-24EE78C3DC9A} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3936954855-2866150315-428727479-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {7F322CA7-750A-4C70-8B37-4A51BF69280C} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3936954855-2866150315-428727479-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {CB3086B2-D053-40B7-A6DC-6271D5546ABC} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3936954855-2866150315-428727479-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {CF9E45F9-5FBC-4AC0-84A5-964126A4DF0C} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Safe Web Lite\Engine\2014.5.0.67\SymErr.exe
Task: {DC2F246F-2638-490A-9414-2C1753C72B72} - System32\Tasks\Launch ASUS Sync Loader => C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe
Task: {E8FD5E00-790E-49C7-B339-E1630BA83C0A} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe [2012-11-21] (Lavasoft Limited)
Task: {F89F6418-3AB8-4C06-9A17-F23E8792A996} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-07] (Google Inc.)
Task: {F9D5D7A1-23FE-4FE8-9EA2-6634A885CFB7} - System32\Tasks\PennyBee => C:\Users\GTCR\AppData\Roaming\PennyBee\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PennyBee.job => C:\Users\GTCR\AppData\Roaming\PennyBee\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2013-10-26 18:44 - 2012-10-04 19:49 - 00087152 _____ () C:\Windows\System32\cpwmon64.dll
2010-03-27 05:11 - 2010-03-27 05:11 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-01-19 05:08 - 2011-01-19 05:08 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-02-20 22:29 - 2012-02-20 22:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 22:28 - 2012-02-20 22:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-02-13 22:16 - 2011-02-13 22:16 - 03379200 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_7bd090e8\mscorlib.dll
2011-02-13 22:16 - 2011-02-13 22:16 - 01953792 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_4d2df50b\system.dll
2014-10-08 15:32 - 2014-10-08 15:32 - 00043008 _____ () c:\users\gtcr\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjaluhb.dll
2013-08-24 05:31 - 2013-08-24 05:31 - 25100288 _____ () C:\Users\GTCR\AppData\Roaming\Dropbox\bin\libcef.dll
2010-03-09 10:48 - 2010-03-09 10:48 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-05-14 14:48 - 2009-05-20 16:32 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2012-12-04 15:10 - 2014-06-20 07:08 - 00192376 _____ () C:\Program Files (x86)\Ad-Aware Antivirus\Definitions\libBase64.dll
2012-12-04 15:10 - 2014-06-20 07:08 - 00180088 _____ () C:\Program Files (x86)\Ad-Aware Antivirus\Definitions\libMachoUniv.dll
2014-10-08 08:37 - 2014-10-01 16:24 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\libglesv2.dll
2014-10-08 08:37 - 2014-10-01 16:24 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\libegl.dll
2014-10-08 08:37 - 2014-10-01 16:24 - 08911176 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\pdf.dll
2014-10-08 08:37 - 2014-10-01 16:24 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\01 - Muddy Puddles.avi:TOC.WMV
AlternateDataStreams: C:\ProgramData\Temp:00811B66
AlternateDataStreams: C:\ProgramData\Temp:014BC3B4
AlternateDataStreams: C:\ProgramData\Temp:03D08225
AlternateDataStreams: C:\ProgramData\Temp:07F6D9E4
AlternateDataStreams: C:\ProgramData\Temp:1B3549F2
AlternateDataStreams: C:\ProgramData\Temp:22741C1F
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:33384BC0
AlternateDataStreams: C:\ProgramData\Temp:349E5B74
AlternateDataStreams: C:\ProgramData\Temp:3790BACD
AlternateDataStreams: C:\ProgramData\Temp:3A6BC948
AlternateDataStreams: C:\ProgramData\Temp:3B07E6F4
AlternateDataStreams: C:\ProgramData\Temp:453190EC
AlternateDataStreams: C:\ProgramData\Temp:4B244549
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:538B96B5
AlternateDataStreams: C:\ProgramData\Temp:798A3728
AlternateDataStreams: C:\ProgramData\Temp:80E965A3
AlternateDataStreams: C:\ProgramData\Temp:89C2A42C
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:93EB7685
AlternateDataStreams: C:\ProgramData\Temp:966CEAE7
AlternateDataStreams: C:\ProgramData\Temp:9ACB70D7
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
AlternateDataStreams: C:\ProgramData\Temp:B12D1A7D
AlternateDataStreams: C:\ProgramData\Temp:C43C957E
AlternateDataStreams: C:\ProgramData\Temp:CEE4A457
AlternateDataStreams: C:\ProgramData\Temp:CFF6B3FF
AlternateDataStreams: C:\ProgramData\Temp
2A5A561
AlternateDataStreams: C:\ProgramData\Temp8F9D810
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57
AlternateDataStreams: C:\ProgramData\Temp:ED9B661E
AlternateDataStreams: C:\Users\GTCR\Documents\Council.eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service => ""="Ad-Aware Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ad-Aware Service => ""="Ad-Aware Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBAMSvc => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: Ad-Aware Service => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: DsiWMIService => 2
MSCONFIG\Services: ePowerSvc => 2
MSCONFIG\Services: GREGService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MWLService => 3
MSCONFIG\Services: NTI IScheduleSvc => 2
MSCONFIG\Services: NTIBackupSvc => 3
MSCONFIG\Services: NTISchedulerSvc => 2
MSCONFIG\Services: ODDPwrSvc => 2
MSCONFIG\Services: Partner Service => 3
MSCONFIG\Services: QBCFMonitorService => 2
MSCONFIG\Services: QuickBooksDB18 => 2
MSCONFIG\Services: Response Hardware => 2
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: RS_Service => 2
MSCONFIG\Services: SBAMSvc => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: Updater Service => 2
========================= Accounts: ==========================
Administrator (S-1-5-21-3936954855-2866150315-428727479-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3936954855-2866150315-428727479-1002 - Limited - Enabled)
GTCR (S-1-5-21-3936954855-2866150315-428727479-1000 - Administrator - Enabled) => C:\Users\GTCR
Guest (S-1-5-21-3936954855-2866150315-428727479-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3936954855-2866150315-428727479-1005 - Limited - Enabled)
QBDataServiceUser18 (S-1-5-21-3936954855-2866150315-428727479-1003 - Limited - Enabled) => C:\Users\QBDataServiceUser18
==================== Faulty Device Manager Devices =============
Name: SBRE
Description: SBRE
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SBRE
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: SASDIFSV
Description: SASDIFSV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SASDIFSV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: SASKUTIL
Description: SASKUTIL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SASKUTIL
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/08/2014 08:23:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x005c0032
Faulting process id: 0x840
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
Error: (10/07/2014 01:08:21 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service IePlugin Services since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (10/07/2014 01:08:21 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service Supporter since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (10/07/2014 01:08:21 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service scores since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (10/07/2014 00:30:15 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service IePlugin Services since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (10/07/2014 00:30:15 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service Supporter since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (10/07/2014 00:27:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program gentlemjmbot_img.tmp version 51.52.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1b00
Start Time: 01cfe16d37d5ca73
Termination Time: 6
Application Path: C:\Users\GTCR\AppData\Local\Temp\is-72L6U.tmp\gentlemjmbot_img.tmp
Report Id:
Error: (10/07/2014 00:27:30 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program majmbot_gentlemg.tmp version 51.52.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 2b50
Start Time: 01cfe16d315a4d77
Termination Time: 22
Application Path: C:\Users\GTCR\AppData\Local\Temp\is-17I3A.tmp\majmbot_gentlemg.tmp
Report Id:
Error: (10/07/2014 00:23:14 AM) (Source: MsiInstaller) (EventID: 11309) (User: GTCR-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.
Error: (10/05/2014 07:05:56 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: The backup was not successful. The error is: One of the backup files could not be created. (0x8078002A).
System errors:
=============
Error: (10/08/2014 04:32:41 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}
Error: (10/08/2014 04:04:55 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (10/08/2014 04:04:52 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (10/08/2014 04:04:52 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (10/08/2014 04:04:52 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (10/08/2014 04:04:52 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (10/08/2014 04:04:44 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (10/08/2014 04:04:44 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (10/08/2014 04:04:44 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (10/08/2014 04:00:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).
Microsoft Office Sessions:
=========================
Error: (10/08/2014 08:23:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532unknown0.0.0.000000000c0000005005c003284001cfe278e8a9fb26C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeunknown697a9d4c-4e6c-11e4-8760-60eb69563359
Error: (10/07/2014 01:08:21 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service IePlugin Services since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
Error: (10/07/2014 01:08:21 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Supporter since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
Error: (10/07/2014 01:08:21 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service scores since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
Error: (10/07/2014 00:30:15 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service IePlugin Services since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
Error: (10/07/2014 00:30:15 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Supporter since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
Error: (10/07/2014 00:27:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: gentlemjmbot_img.tmp51.52.0.01b0001cfe16d37d5ca736C:\Users\GTCR\AppData\Local\Temp\is-72L6U.tmp\gentlemjmbot_img.tmp
Error: (10/07/2014 00:27:30 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: majmbot_gentlemg.tmp51.52.0.02b5001cfe16d315a4d7722C:\Users\GTCR\AppData\Local\Temp\is-17I3A.tmp\majmbot_gentlemg.tmp
Error: (10/07/2014 00:23:14 AM) (Source: MsiInstaller) (EventID: 11309) (User: GTCR-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (10/05/2014 07:05:56 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: One of the backup files could not be created. (0x8078002A)
CodeIntegrity Errors:
===================================
Date: 2014-09-10 09:01:41.538
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-10 09:01:41.042
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-08-11 20:12:50.645
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-08-11 20:08:51.420
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-08-11 20:03:24.979
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-08-10 20:14:33.938
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-08-10 20:10:24.906
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-07-29 16:57:29.947
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-07-29 16:57:28.973
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-07-21 20:25:39.965
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
I couldn't upload the files so here they are
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01
Ran by GTCR (administrator) on GTCR-PC on 08-10-2014 20:17:48
Running from C:\Users\GTCR\Downloads
Loaded Profiles: GTCR & QBDataServiceUser18 (Available profiles: GTCR & QBDataServiceUser18)
Platform: Windows 7 Home Premium (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lavasoft Limited) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(iAnywhere Solutions, Inc.) C:\Program Files (x86)\Intuit\QuickBooks 2009-10\QBDBMgrN.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Dropbox, Inc.) C:\Users\GTCR\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
(Webshots.com) C:\Program Files (x86)\Webshots\Webshots.scr
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Lavasoft Limited) C:\Program Files (x86)\Ad-Aware Antivirus\AdAware.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(GFI Software) C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Enigma Software Group USA, LLC.) C:\Config.Msi\f7b323.rbf
(BitTorrent Inc.) C:\Users\GTCR\AppData\Roaming\uTorrent\uTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775072 2010-04-23] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-04-23] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [320000 2009-04-09] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [ODDPwr] => C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [223264 2010-04-23] (Acer Incorporated)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-04-17] (Egis Technology Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2107176 2010-03-11] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2010-04-23] (Acer Incorporated)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2328944 2011-01-07] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [SBRegRebootCleaner] => C:\Program Files (x86)\Ad-Aware Antivirus\SBRC.exe [201608 2012-09-20] (GFI Software)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-04-17] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-09] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-04-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe [124136 2010-04-23] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [542104 2012-11-16] (Lavasoft)
HKLM-x32\...\Run: [Ad-Aware Antivirus] => "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [PennyBee] => C:\Program Files (x86)\PennyBee\PennyBeeW.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3936954855-2866150315-428727479-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [718208 2010-03-16] (Microsoft Corporation)
HKU\S-1-5-21-3936954855-2866150315-428727479-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-3936954855-2866150315-428727479-1000\...\MountPoints2: D - D:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3936954855-2866150315-428727479-1000\...\MountPoints2: {5ff20fec-126d-11e1-a8ac-4c0f6e755a32} - D:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3936954855-2866150315-428727479-1000\...\MountPoints2: {5ff2107b-126d-11e1-a8ac-4c0f6e755a32} - D:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3936954855-2866150315-428727479-1000\...\MountPoints2: {8f76d09e-4e0a-11e2-b821-60eb69563359} - D:\DPFMate.exe
HKU\S-1-5-21-3936954855-2866150315-428727479-1000\...\MountPoints2: {bdc77cfb-2331-11e0-aff5-806e6f6e6963} - G:\Fairyland_Magic_Final_V02.exe
HKU\S-1-5-21-3936954855-2866150315-428727479-1000\...\MountPoints2: {d622feda-8f46-11e2-abb6-60eb69563359} - E:\DPFMate.exe
HKU\S-1-5-21-3936954855-2866150315-428727479-1003\...\Run: [swg] => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-3936954855-2866150315-428727479-1003\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
IFEO: [Debugger] svchost.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\Users\GTCR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\GTCR\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\GTCR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\GTCR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk
ShortcutTarget: Webshots.lnk -> C:\Program Files (x86)\Webshots\Launcher.exe ()
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll (Egis Technology Inc.)
BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG10\avgchsva.exe /syncC:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: http=127.0.0.1:13956;https=127.0.0.1:13956
StartMenuInternet: IEXPLORE.EXE - C:\program files (x86)\Internet Explorer\iexplore.exe
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanner.ikea.com/AUW/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.fujifilmimagine.com/imagine/ax/ImageUploader5.cab
DPF: HKLM-x32 {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} http://www.shockwave.com/content/dinerdashfloonthego/sis/ddfotg.1.0.0.33.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\GTCR\AppData\Roaming\Mozilla\Firefox\Profiles\utkus4jw.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @abr.gov.au/KeyMgmtPlugin -> C:\Program Files (x86)\ABR\Plug-In\bin\npAUSkeyPlugin.dll (Commonwealth Government of Australia)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @csi.business.gov.au/CsiPlugin -> C:\Program Files (x86)\Common-Use Signing Interface\bin\npCsiPlugin.dll (Commonwealth Government of Australia)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\GTCR\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-07-27]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: No Name - C:\Users\GTCR\AppData\Roaming\Mozilla\Firefox\Profiles\utkus4jw.default\extensions\wrigtdamon@yahoo.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR Profile: C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (geography puzzles) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahhobhjcbloinpmfpfamnpcedjeiaedk [2014-05-07]
CHR Extension: (TIPP10 - Free touch typing tutor) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\akfcabopgpiohpfcjkpifbmoclclfkhn [2014-05-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (Google Search) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-07]
CHR Extension: (Pearson Knowledge Base) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmnokodmjdhcijlahebfcgacgapoojlj [2014-05-07]
CHR Extension: (PRiceLess) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghfaapjenfgankmgijojcaefnfdkedfh [2014-10-07]
CHR Extension: (10.000 Fonts) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdfmhfjkjcmcakafhednahpofkekjmjn [2014-05-07]
CHR Extension: (2048) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\hekhdfjankbhklfkjmnmnefcacndeoll [2014-05-07]
CHR Extension: (Typing Test - KeyHero) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcieoaeooeidmpaopkpjpjfakidlabm [2014-05-07]
CHR Extension: (Build with Chrome) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbbbhbjeecagnlfgggogfclkdjamoapf [2014-10-07]
CHR Extension: (Typing Test) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpibjemnhlefkohmjeempookiekhdjdj [2014-05-07]
CHR Extension: (TeacherTube) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbnaepfkikcjdhaciekglfcjnfbgpmdn [2014-05-07]
CHR Extension: (Google Wallet) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\GTCR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-07]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [1236368 2012-11-21] (Lavasoft Limited)
S4 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [820768 2010-04-23] (Acer Incorporated)
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
S4 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
S4 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-04-17] (Egis Technology Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S4 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [250368 2010-03-09] (NewTech Infosystems, Inc.) [File not signed]
S4 ODDPwrSvc; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [171040 2010-04-23] (Acer Incorporated)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [20480 2009-06-30] (Intuit) [File not signed]
S4 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [68672 2009-06-30] (Intuit Inc.) [File not signed]
R2 QuickBooksDB18; C:\Program Files (x86)\Intuit\QuickBooks 2009-10\QBDBMgrN.exe [126016 2009-06-30] (iAnywhere Solutions, Inc.) [File not signed]
S4 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [244904 2010-02-03] () [File not signed]
S4 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
R2 SBAMSvc; C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
S4 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2012-12-04] (GFI Software)
S3 pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [82048 2011-03-05] (VSO Software) [File not signed]
S3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [13168 2011-07-13] (SMART Technologies ULC)
S3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [16368 2011-07-13] (SMART Technologies ULC)
S3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [24944 2011-07-13] (SMART Technologies ULC)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2011-04-22] () [File not signed]
R3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S1 SASDIFSV; \??\C:\Users\GTCR\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV64.SYS [X]
S1 SASKUTIL; \??\C:\Users\GTCR\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL64.SYS [X]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-08 20:17 - 2014-10-08 20:18 - 00026080 _____ () C:\Users\GTCR\Downloads\FRST.txt
2014-10-08 20:17 - 2014-10-08 20:17 - 00000000 ____D () C:\FRST
2014-10-08 20:16 - 2014-10-08 20:17 - 02109952 _____ (Farbar) C:\Users\GTCR\Downloads\FRST64.exe
2014-10-08 16:04 - 2014-10-08 16:04 - 00000000 _____ () C:\autoexec.bat
2014-10-08 16:03 - 2014-10-08 16:03 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-10-08 16:02 - 2014-10-08 20:00 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-10-08 16:00 - 2014-10-08 16:00 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\GTCR\Downloads\SpyHunter-Installer.exe
2014-10-08 08:28 - 2014-10-08 08:28 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{066BF116-4E92-428F-83C2-C2EE080FCDFA}
2014-10-07 14:00 - 2014-10-07 14:00 - 02339328 _____ () C:\Users\GTCR\Downloads\Terms of References slides SP3 2014 (1).msg
2014-10-07 13:58 - 2014-10-07 13:58 - 02339328 _____ () C:\Users\GTCR\Downloads\Terms of References slides SP3 2014.msg
2014-10-07 12:57 - 2014-10-07 13:00 - 93379512 _____ (Ingram Content Group) C:\Users\GTCR\Downloads\BookshelfSetup.exe
2014-10-07 12:37 - 2014-10-07 12:37 - 00000000 ____D () C:\Users\GTCR\AppData\Roaming\LaunchPad
2014-10-07 11:19 - 2014-10-07 11:19 - 00175616 _____ () C:\Users\GTCR\Downloads\B1-20091.ppt
2014-10-07 11:18 - 2014-10-07 11:18 - 00116472 _____ () C:\Users\GTCR\Downloads\APAC128.zip
2014-10-07 10:42 - 2014-10-07 10:43 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{0C0F8FA4-BB1D-48D2-8645-23DFB688B93C}
2014-10-07 03:44 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-10-07 03:42 - 2014-10-07 03:45 - 00000000 ____D () C:\AdwCleaner
2014-10-07 03:42 - 2014-10-07 03:42 - 01375089 _____ () C:\Users\GTCR\Downloads\AdwCleaner.exe
2014-10-07 03:24 - 2014-10-07 03:24 - 04603208 _____ (Google) C:\Users\GTCR\Downloads\software_removal_tool (2).exe
2014-10-07 03:24 - 2014-10-07 03:24 - 00001984 _____ () C:\Users\GTCR\Downloads\software_removal_tool (2).log
2014-10-07 03:17 - 2014-10-07 03:17 - 04603208 _____ (Google) C:\Users\GTCR\Downloads\software_removal_tool (1).exe
2014-10-07 03:17 - 2014-10-07 03:17 - 00001490 _____ () C:\Users\GTCR\Downloads\software_removal_tool (1).log
2014-10-07 03:16 - 2014-10-07 03:16 - 04603208 _____ (Google) C:\Users\GTCR\Downloads\software_removal_tool.exe
2014-10-07 03:16 - 2014-10-07 03:16 - 00004317 _____ () C:\Users\GTCR\Downloads\software_removal_tool.log
2014-10-07 02:29 - 2014-10-08 08:37 - 00002187 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-07 02:29 - 2014-10-07 02:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-07 02:26 - 2014-10-07 02:27 - 00000000 ____D () C:\Users\GTCR\AppData\Local\Deployment
2014-10-07 02:26 - 2014-10-07 02:26 - 00000000 ____D () C:\Users\GTCR\AppData\Local\Apps\2.0
2014-10-07 02:19 - 2014-10-07 03:02 - 00290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2014-10-07 02:18 - 2014-10-07 02:19 - 00000000 ____D () C:\Program Files\Adware-Removal-Tool
2014-10-07 01:50 - 2014-10-07 01:51 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\GTCR\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-10-07 01:30 - 2014-10-07 01:30 - 31766208 _____ (Microsoft Corporation) C:\Users\GTCR\Downloads\Windows-KB890830-x64-V5.16.exe
2014-10-07 01:07 - 2014-10-07 01:07 - 00003140 _____ () C:\Windows\System32\Tasks\{067AFBAA-9F3C-4E80-94D3-0FCD279AC129}
2014-10-07 00:43 - 2014-10-07 00:44 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\GTCR\Downloads\mbam-setup-2.0.2.1012.exe
2014-10-07 00:33 - 2014-10-07 00:33 - 00003142 _____ () C:\Windows\System32\Tasks\{6803F45B-5035-437F-98C8-69EF77F28964}
2014-10-07 00:33 - 2014-10-07 00:33 - 00003142 _____ () C:\Windows\System32\Tasks\{1FA28E15-EA6A-4A1B-B876-9DC144E6810D}
2014-10-07 00:25 - 2014-10-07 00:25 - 00000000 ____D () C:\Users\GTCR\AppData\Local\com
2014-10-07 00:24 - 2014-10-07 00:24 - 00000000 ___HD () C:\Users\Public\Temp
2014-10-07 00:22 - 2014-10-07 00:50 - 00000000 ____D () C:\ProgramData\70be09a3a3458b54
2014-10-07 00:22 - 2014-10-07 00:22 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\QBDataServiceUser18\AppData\Local\Google
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\QBDataServiceUser18\AppData\Local\Comodo
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\Guest
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\GTCR\AppData\Local\Comodo
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Google
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Comodo
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\ASPNET
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-10-07 00:21 - 2014-10-07 00:21 - 00000000 ____D () C:\Users\Administrator
2014-10-07 00:03 - 2014-10-07 00:11 - 00013382 ____H () C:\Users\GTCR\Documents\~WRL0003.tmp
2014-10-06 22:42 - 2014-10-06 22:42 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{F8B24AD9-815B-4286-AE81-FEEDF477B491}
2014-10-06 07:46 - 2014-10-06 07:46 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{C4F6C018-F812-4BBF-8771-76C122F84E58}
2014-10-06 07:36 - 2014-10-08 01:09 - 00000000 ____D () C:\Users\GTCR\AppData\Local\ICSharpCode.net
2014-10-06 00:10 - 2014-10-06 00:10 - 00000047 _____ () C:\Users\GTCR\AppData\Roaming\WB.CFG
2014-10-05 15:11 - 2014-10-08 20:11 - 00000288 _____ () C:\Windows\Tasks\PennyBee.job
2014-10-05 15:11 - 2014-10-05 15:11 - 00003224 _____ () C:\Windows\System32\Tasks\PennyBee
2014-10-05 15:10 - 2014-10-05 15:10 - 00000000 ____D () C:\Users\GTCR\AppData\Local\Sparta
2014-10-05 12:50 - 2014-10-05 12:50 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{E7EA85F2-839A-4380-9571-F3059CBEB7B7}
2014-10-05 08:26 - 2014-10-05 08:26 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{97DA6265-6077-47C2-AB0D-2BC43042DEEF}
2014-10-04 14:57 - 2014-10-04 14:57 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{48969439-9BBD-4853-A747-806D81759A3B}
2014-10-03 15:30 - 2014-10-03 15:59 - 00000000 ____D () C:\Users\GTCR\Downloads\How to Train Your Dragon 2 2014 1080p WEB-DL x264 AC3-JYK
2014-10-03 14:53 - 2014-10-08 11:59 - 00000000 ____D () C:\Users\GTCR\Downloads\Escape from Planet Earth 2013 720p BRRip x264 AC3-JYK
2014-10-03 14:51 - 2014-10-03 15:19 - 00000000 ____D () C:\Users\GTCR\Downloads\Hoodwinked[2005]DvDrip.AC3[Eng]-aXXo
2014-10-03 14:45 - 2014-10-03 14:47 - 00000000 ____D () C:\Users\GTCR\Downloads\Rio.2.2014.720p.BluRay.x264-x0r
2014-10-03 14:20 - 2014-10-03 15:12 - 00000000 ____D () C:\Users\GTCR\Downloads\Rio (2011)
2014-10-03 13:27 - 2014-10-03 13:27 - 00000000 ____D () C:\Users\GTCR\Downloads\Madagascar 3
2014-10-03 13:19 - 2014-10-03 13:31 - 00000000 ____D () C:\Users\GTCR\Downloads\Greys Anatomy S11E02 HDTV x264-LOL[ettv]
2014-10-03 11:03 - 2014-10-03 11:03 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{B57C31CB-0311-4FF0-8325-5BAD281762E6}
2014-10-02 21:44 - 2014-10-02 21:44 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{347ED864-F3F8-4E7F-9C33-85F9E7DDE50C}
2014-10-02 09:44 - 2014-10-02 09:44 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{E44332C0-35F0-4B81-8608-E9AD73CF766C}
2014-10-01 23:09 - 2014-10-01 23:12 - 82364689 _____ () C:\Users\GTCR\Downloads\_02_yoga_nidra_with_shar (1).m4a
2014-10-01 23:06 - 2014-10-01 23:09 - 82364689 _____ () C:\Users\GTCR\Downloads\_02_yoga_nidra_with_shar.m4a
2014-10-01 21:43 - 2014-10-01 21:44 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{F81C6D3C-22F5-4F01-BD00-1A144535E30D}
2014-10-01 09:42 - 2014-10-01 09:42 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{835917F4-C271-442E-A55C-76997B764D70}
2014-09-30 21:14 - 2014-09-30 21:14 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{4EABE340-2C5C-4457-AA8E-B86EEC8E735A}
2014-09-30 09:14 - 2014-09-30 09:14 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{A0253E92-76F3-4B66-8C6C-FB1915E4AFD3}
2014-09-29 21:13 - 2014-09-29 21:13 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{80C334D7-B28B-45E6-9ED0-74401F566E5D}
2014-09-29 09:12 - 2014-09-29 09:13 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{E3B24BFB-E841-46E8-B608-40F433E45CE0}
2014-09-28 21:12 - 2014-09-28 21:12 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{159532C7-DF8E-4233-9A41-648238A1B81D}
2014-09-28 09:11 - 2014-09-28 09:12 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{D7A562AA-8379-49CB-B816-3D9A4664FA7B}
2014-09-27 09:15 - 2014-09-27 09:16 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{77F6A645-7F88-4048-9609-B8C5178F319E}
2014-09-26 19:59 - 2014-09-26 21:40 - 00000000 ____D () C:\Users\GTCR\Downloads\Greys Anatomy S11E01 HDTV x264-LOL[ettv]
2014-09-26 09:52 - 2014-09-26 09:52 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{B56D63B1-5A38-4FCD-A7EA-B38BE5A2C930}
2014-09-25 21:51 - 2014-09-25 21:51 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{0ECB58AF-F36E-4CF6-AF8A-50FF9C8E2BF0}
2014-09-25 09:51 - 2014-09-25 09:51 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{EE7B2855-415D-4559-BCD9-C7368EE08524}
2014-09-24 21:10 - 2014-09-24 21:10 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{A48DD306-4334-4E56-9C5E-00FBAA3651AF}
2014-09-24 09:09 - 2014-09-24 09:09 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{4940188D-E156-4DA3-9D6C-A376F30D87EA}
2014-09-23 20:59 - 2014-09-23 20:59 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{F7638106-D9C2-469D-91F8-4D9233D52A57}
2014-09-23 16:28 - 2014-09-23 16:28 - 00651284 _____ () C:\Users\GTCR\Downloads\mp-gps-all-marine-parks-kmz.zip
2014-09-23 08:41 - 2014-09-23 08:41 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{737E8E5B-F8CB-45EB-ADCC-EB081042222C}
2014-09-22 20:31 - 2014-09-22 20:31 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{2F560E68-E72E-4D43-9AC4-98C390DD7099}
2014-09-22 20:06 - 2014-09-22 20:06 - 08405237 _____ () C:\Users\GTCR\Downloads\Week 3 Group Assignment Final Draft-3 (1).pptx
2014-09-22 20:02 - 2014-09-22 20:02 - 08405237 _____ () C:\Users\GTCR\Downloads\Week 3 Group Assignment Final Draft-3.pptx
2014-09-22 19:31 - 2014-09-22 19:44 - 08454890 _____ () C:\Users\GTCR\Downloads\Week 3 Group Assignment Final Draft-1.pptx
2014-09-22 14:18 - 2014-09-22 14:39 - 05843900 _____ () C:\Users\GTCR\Downloads\indigenous presentation Tamara updated (1).pptx
2014-09-22 13:26 - 2014-09-22 13:26 - 05835741 _____ () C:\Users\GTCR\Downloads\indigenous presentation Tamara updated.pptx
2014-09-22 12:00 - 2014-09-22 13:00 - 06821145 _____ () C:\Users\GTCR\Downloads\indigenous presentation.pptx
2014-09-22 11:57 - 2014-09-22 11:57 - 02090967 _____ () C:\Users\GTCR\Downloads\Week 2 Teaching Presentation (2).pptx
2014-09-22 08:31 - 2014-09-22 08:31 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{AE8F22D5-6A6F-4F6F-8C63-67669D866586}
2014-09-21 21:22 - 2014-09-21 21:22 - 02090967 _____ () C:\Users\GTCR\Downloads\Week 2 Teaching Presentation (1).pptx
2014-09-21 19:40 - 2014-09-21 19:40 - 02090967 _____ () C:\Users\GTCR\Downloads\Week 2 Teaching Presentation.pptx
2014-09-21 16:35 - 2014-09-21 16:35 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{798769FE-8330-4F08-B748-C0E301674727}
2014-09-20 21:14 - 2014-09-20 21:14 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{E4C49646-60C3-446E-9B23-D98665321519}
2014-09-20 09:13 - 2014-09-20 09:14 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{530147D3-9AED-474E-81BF-C8BF8002CE3F}
2014-09-19 17:13 - 2014-09-19 17:13 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{F7084ED9-1B21-49F4-A1C5-16DA84C2C719}
2014-09-19 15:42 - 2014-09-19 15:42 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{AA3AB102-AD45-4EAF-ACCA-850B80530CEF}
2014-09-18 21:15 - 2014-09-18 21:15 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{0E8DF272-8A32-4C18-8974-96E44F039158}
2014-09-18 15:15 - 2014-09-18 15:15 - 00188416 _____ () C:\Users\GTCR\Downloads\schlechty-3.ppt.pps
2014-09-18 09:14 - 2014-09-18 09:14 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{4FEB0DCC-7EF2-4032-BF93-AA6B0C5CED4E}
2014-09-17 20:34 - 2014-09-17 20:35 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{7BABA4A7-CAF3-4AFE-B2FB-451ECC2E731C}
2014-09-17 11:20 - 2014-09-17 11:37 - 00000000 ____D () C:\Users\GTCR\Downloads\snorks
2014-09-17 11:18 - 2014-09-17 11:18 - 00000000 ____D () C:\Users\GTCR\Downloads\[ www.torrenting.com ] - The.Snorks.S01E04.The.New.Neighbors.DVDRiP.x264-RAiNDEER
2014-09-17 08:16 - 2014-09-17 08:16 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{EBB00402-F68C-4EBF-A30A-2A9419D1671E}
2014-09-16 10:19 - 2014-09-16 10:19 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{7E43BD04-1D4E-4F83-814B-DEDA303EC590}
2014-09-15 21:02 - 2014-09-15 21:02 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{F2643CFA-612C-4743-8916-288509BF27EF}
2014-09-15 08:46 - 2014-09-15 08:46 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{18D26AD3-8A48-4675-AC4E-E12BDAEE6421}
2014-09-14 08:00 - 2014-09-14 08:01 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{1958D315-5989-47A2-8AAF-0FEF4258D7AC}
2014-09-13 17:14 - 2014-09-13 17:14 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{6F9FD9A8-B7C5-44B6-A280-297A4B1BFCA6}
2014-09-12 11:05 - 2014-09-12 11:06 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{8D607AC1-EB32-40AC-AA02-7E5A71E53219}
2014-09-11 22:31 - 2014-09-11 22:31 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{06583D44-9BF7-4DF3-B40E-7BEDD12A2F3B}
2014-09-11 10:30 - 2014-09-11 10:30 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{96CA0913-D38D-4FEA-B379-FFAB0D3C0E31}
2014-09-10 22:02 - 2014-09-10 22:02 - 00001930 _____ () C:\Users\Public\Desktop\Play Burger Shop.lnk
2014-09-10 22:02 - 2014-09-10 22:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Burger Shop
2014-09-10 22:02 - 2014-09-10 22:02 - 00000000 ____D () C:\Program Files (x86)\Burger Shop
2014-09-10 21:58 - 2014-09-10 21:58 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{7439C0AF-0910-44B0-A703-649FE64BA494}
2014-09-10 20:52 - 2014-09-10 22:03 - 00000000 ____D () C:\ProgramData\GoBit Games
2014-09-10 20:52 - 2014-09-10 22:02 - 00001252 _____ () C:\Users\Public\Desktop\More Great Games.lnk
2014-09-10 20:52 - 2014-09-10 20:52 - 00001950 _____ () C:\Users\Public\Desktop\Play Burger Shop 2.lnk
2014-09-10 20:52 - 2014-09-10 20:52 - 00000000 ____D () C:\Users\GTCR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Burger Shop 2
2014-09-10 20:52 - 2014-09-10 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Burger Shop 2
2014-09-10 20:52 - 2014-09-10 20:52 - 00000000 ____D () C:\Program Files (x86)\Burger Shop 2
2014-09-10 09:57 - 2014-09-10 10:03 - 42807296 _____ () C:\Users\GTCR\Downloads\BlackboardCollaborateLauncher-Win.msi
2014-09-10 09:57 - 2014-09-10 09:57 - 00009623 _____ () C:\Users\GTCR\Downloads\play.collab
2014-09-10 08:15 - 2014-09-10 08:15 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{0C5C17E8-F298-4BF2-AA49-25C8B419463D}
2014-09-09 22:50 - 2014-09-09 22:50 - 00000000 ____D () C:\Users\GTCR\AppData\Local\JollyBear
2014-09-09 22:50 - 2014-09-09 22:50 - 00000000 ____D () C:\ProgramData\JollyBear
2014-09-09 22:48 - 2014-09-09 22:48 - 00000000 ____D () C:\ProgramData\Big Fish
2014-09-09 22:47 - 2014-09-11 08:09 - 00000000 ____D () C:\BigFishCache
2014-09-09 22:47 - 2014-09-09 22:49 - 00000000 ____D () C:\Users\GTCR\AppData\Local\Big Fish
2014-09-09 20:04 - 2014-09-09 20:04 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{C5458159-672E-4B17-BA5E-184AE4712E64}
2014-09-09 13:27 - 2014-09-09 13:27 - 02130021 _____ () C:\Users\GTCR\Downloads\Indigenous Australian Education Week 1 SP3 2014 OUA .pptx
2014-09-09 11:27 - 2014-09-09 11:28 - 107959339 _____ () C:\Users\GTCR\Downloads\media.m4v
2014-09-09 08:04 - 2014-09-09 08:04 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{3A147932-E4F1-40B5-A2C8-B5E7119C2797}
2014-09-08 13:01 - 2014-09-08 13:02 - 00000000 ____D () C:\Users\GTCR\AppData\Local\{076E5288-0B4E-4EB6-B17B-EFCB587AA060}
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-08 20:17 - 2011-04-20 13:25 - 00000000 ____D () C:\Users\GTCR\AppData\Roaming\uTorrent
2014-10-08 19:40 - 2012-10-22 21:06 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-08 19:33 - 2011-02-12 16:42 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-08 19:29 - 2009-07-14 15:43 - 00799862 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-08 17:38 - 2011-01-19 05:08 - 01685571 _____ () C:\Windows\WindowsUpdate.log
2014-10-08 15:38 - 2009-07-14 15:15 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-08 15:38 - 2009-07-14 15:15 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-08 15:33 - 2011-08-13 10:00 - 00000000 ___RD () C:\Users\GTCR\Dropbox
2014-10-08 15:32 - 2011-08-13 09:59 - 00000000 ____D () C:\Users\GTCR\AppData\Roaming\Dropbox
2014-10-08 15:30 - 2012-12-04 15:10 - 00001872 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-10-08 15:30 - 2012-12-04 15:08 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-10-08 15:30 - 2011-02-12 16:42 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-08 15:30 - 2009-07-14 15:38 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-08 15:30 - 2009-07-14 15:21 - 00238374 _____ () C:\Windows\setupact.log
2014-10-08 08:23 - 2013-02-24 17:21 - 00000000 ____D () C:\Users\GTCR\AppData\Local\CrashDumps
2014-10-07 22:25 - 2011-01-18 11:05 - 00000000 ____D () C:\ProgramData\Temp
2014-10-07 14:02 - 2013-03-04 16:23 - 00000000 ____D () C:\Users\GTCR\Documents\Outlook Files
2014-10-07 03:46 - 2011-01-19 05:05 - 00279644 _____ () C:\Windows\PFRO.log
2014-10-07 02:28 - 2011-02-12 16:42 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-07 02:28 - 2011-02-12 16:42 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-07 02:27 - 2010-05-14 14:35 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-07 01:19 - 2009-07-14 13:50 - 00000000 ____D () C:\Windows\IME
2014-10-07 01:17 - 2011-01-18 10:45 - 00000000 ____D () C:\Users\GTCR
2014-10-07 00:45 - 2011-06-28 12:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-07 00:38 - 2011-01-18 10:51 - 00001447 _____ () C:\Users\GTCR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-07 00:38 - 2011-01-18 10:51 - 00001413 _____ () C:\Users\GTCR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-10-07 00:29 - 2009-07-14 16:02 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-07 00:21 - 2011-02-03 15:42 - 00000000 ____D () C:\Users\GTCR\AppData\Local\Google
2014-10-07 00:21 - 2009-07-14 13:50 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-10-07 00:21 - 2009-07-14 13:50 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-10-06 11:11 - 2012-05-20 22:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-05 17:58 - 2011-03-08 12:35 - 00000000 ____D () C:\Users\GTCR\Documents\My Scans
2014-10-05 09:43 - 2013-03-22 18:03 - 00000000 ____D () C:\Users\GTCR\AppData\Roaming\.minecraft
2014-09-30 17:03 - 2011-02-10 13:51 - 00000000 ____D () C:\Users\GTCR\Documents\Tamara
2014-09-29 23:44 - 2011-02-10 13:51 - 00000000 ____D () C:\Users\GTCR\Documents\GT Fishing Charters
2014-09-29 23:20 - 2011-09-23 21:26 - 00000000 ____D () C:\Users\GTCR\AppData\Roaming\AUSkey
2014-09-24 22:40 - 2012-10-22 21:06 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 22:40 - 2012-05-02 23:22 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 22:40 - 2011-10-12 12:11 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-23 08:48 - 2014-01-12 18:01 - 02745856 ___SH () C:\Users\GTCR\Downloads\Thumbs.db
2014-09-18 15:03 - 2011-08-13 09:59 - 00000000 ____D () C:\Users\GTCR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-18 15:03 - 2011-03-13 22:52 - 00007120 _____ () C:\Windows\wininit.ini
2014-09-17 12:37 - 2014-09-04 21:33 - 00000000 ____D () C:\Users\GTCR\Downloads\Chasing Life S01E04 HDTV x264-LOL[ettv]
2014-09-17 12:37 - 2014-09-04 21:29 - 00000000 ____D () C:\Users\GTCR\Downloads\Chasing Life S01E03 HDTV x264-LOL[ettv]
2014-09-15 09:06 - 2011-02-13 22:18 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-09 22:49 - 2012-02-10 22:24 - 00001931 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk
2014-09-09 22:49 - 2012-02-10 22:24 - 00001248 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\More Great Games.lnk
2014-09-09 22:49 - 2012-02-10 22:24 - 00000000 ____D () C:\Program Files (x86)\bfgclient
2014-09-09 22:48 - 2011-03-07 23:06 - 00000000 ____D () C:\ProgramData\Big Fish Games
2014-09-09 18:46 - 2014-09-04 21:19 - 00000000 ____D () C:\Users\GTCR\Downloads\Chasing Life S01E02 HDTV x264-LOL[ettv]
Some content of TEMP:
====================
C:\Users\GTCR\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjaluhb.dll
C:\Users\GTCR\AppData\Local\Temp\ose00000.exe
C:\Users\GTCR\AppData\Local\Temp\ose00001.exe
C:\Users\GTCR\AppData\Local\Temp\Quarantine.exe
C:\Users\GTCR\AppData\Local\Temp\SHSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-07 08:48
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2014 01
Ran by GTCR at 2014-10-08 20:19:27
Running from C:\Users\GTCR\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Lavasoft Ad-Aware (Enabled - Up to date) {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Lavasoft Ad-Aware (Enabled - Up to date) {5BB89C30-6480-BC7C-9F17-199BD76F557A}
FW: Lavasoft Ad-Aware (Disabled) {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)
4500_G510af_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510af (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 4.0.7615 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 4.0.7615 - CyberLink Corp.) Hidden
Acer Arcade Movie (x32 Version: 9.0.6423 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.60 - NewTech Infosystems)
Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.3.0 - liteon)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3011 - Acer Incorporated)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.02.3003 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0222.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3002 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Ad-Aware Antivirus (HKLM-x32\...\{e05859e4-7455-4d01-a9dc-1da760a5d903}) (Version: 10.4.43.4155 - Lavasoft)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.3.0.3650 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.3.0.3650 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.0.626 - Adobe Systems, Inc.)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}) (Version: 1.2.17.05001 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.17.05001 - Alcor Micro Corp.) Hidden
Any Audio Converter 3.3.8 (HKLM-x32\...\Any Audio Converter_is1) (Version: - Any-Audio-Converter.com)
Any Video Converter 3.2.3 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.23 - Atheros Communications Inc.)
Atheros_7.0.2.13_patch2_64 (HKLM-x32\...\{2D13FC7D-42A8-4BF1-AF0C-B3DC68C59448}_is1) (Version: - Atheros)
ATI Catalyst Install Manager (HKLM\...\{F5816A09-786E-C91D-3D99-8A8C92648750}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
AUSkey software 1.4.0.6 (HKLM-x32\...\{FF7DD5BE-42FF-44B8-AF36-4A46CD2C6D42}) (Version: 1.4.0.6 - ABR)
Backup Manager Basic (x32 Version: 2.0.0.60 - NewTech Infosystems) Hidden
Banished v1.0.0 64-bit (HKLM\...\{72C32B02-0B78-45F8-8528-2C93F62A7B47}) (Version: 1.0.0 - Shining Rock Software LLC)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
BigPond Broadband ADSL (HKLM-x32\...\{433A39B0-380C-4634-93FE-12A812954F5B}) (Version: 9.2 - BigPond)
Blackboard Collaborate Launcher (HKLM-x32\...\{77A1A81A-8986-45A5-863E-9DDD2C753205}) (Version: 1.1.0.0 - Blackboard)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Burger Shop (HKLM-x32\...\BFG-Burger Shop) (Version: - )
Burger Shop 2 (HKLM-x32\...\BFG-Burger Shop 2) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0421.657.10561 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0421.657.10561 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0421.657.10561 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0421.657.10561 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0421.657.10561 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0421.657.10561 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0421.657.10561 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help English (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help French (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help German (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0421.0656.10561 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0421.657.10561 - ATI) Hidden
ccc-utility64 (Version: 2010.0421.657.10561 - ATI) Hidden
Common-Use Signing Interface (HKLM-x32\...\Common-Use Signing Interface) (Version: - Commonwealth Government of Australia)
Common-Use Signing Interface (x32 Version: 3.1.19 - Australian Taxation Office) Hidden
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - CutePDF.com)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Dinosaurs Alive (HKLM-x32\...\Dinosaurs Alive) (Version: 2.0 - ARIUX)
DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
EasyWeather (HKLM-x32\...\{CE1B03BC-3C99-4580-A2AC-A41DB9B83378}) (Version: - 1.0)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Fairyland Magic (HKLM-x32\...\Fairyland Magic) (Version: 2.0 - ARIUX)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Free YouTube Downloader 3.5.126 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version: - HOW Inc.)
Garmin HomePort (HKLM-x32\...\{F9E97B3C-A505-464B-BA60-D292B25A2F08}) (Version: 2.2.5 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{CCB71FF8-DE82-469C-8641-44378F4443EB}) (Version: 2.5.4 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510a-f (HKLM\...\{C98517B6-DCE9-49B7-B19E-E384178D3986}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
ISI ResearchSoft - Export Helper (HKLM-x32\...\ISI ResearchSoft - Export Helper) (Version: - )
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 2 Runtime Environment, SE v1.4.2_19 (HKLM-x32\...\{7148F0A8-6813-11D6-A77B-00B0D0142190}) (Version: 1.4.2_19 - Sun Microsystems, Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.7 - Acer Inc.)
MapSend BlueNav Oceania (HKLM-x32\...\{2E1FB029-CDF7-411E-BB46-FE1F310424D7}) (Version: - )
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
MediaShow Espresso (x32 Version: 5.5.1403_23691 - CyberLink Corp.) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.0 (HKLM\...\{2BF35D84-6377-4F70-9F39-97CF67E67FFF}) (Version: 8.01.249.0 - Microsoft)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyWinLocker (x32 Version: 3.1.210.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.210.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.210.0 - Egis Technology Inc.) Hidden
NavDesk 7.30 (HKLM-x32\...\{AB756389-9A03-44f3-ABAF-3699C01B4868}-Navman-7.30) (Version: 7.30.0113.178 - Navman Technology NZ Limited)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Optical Drive Power Management (HKLM-x32\...\{AE09C972-EEB2-4DA5-8090-0FCF54576854}) (Version: 1.01.3007 - Acer Incorporated)
Photo Story 3 for Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.11 - Microsoft Corporation)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickBooks Premier Edition 2009-10 (HKLM-x32\...\{BB49AC20-B123-49d7-81D1-A64F81C5B37E}) (Version: - )
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6096 - Realtek Semiconductor Corp.)
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Serif PanoramaPlus Starter Edition (HKLM-x32\...\{64AEB598-E518-4AD0-B02B-99F365B8054C}) (Version: 2.0.0.001 - Serif (Europe) Ltd)
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SMART Common Platform (HKLM-x32\...\{0E5DD7A3-BE29-430C-970B-C553F4A58C39}) (Version: 10.8.159.0 - SMART Technologies ULC)
SMART English (United Kingdom) Language Pack (HKLM-x32\...\{660B0281-20C5-4FC9-A249-40C860262435}) (Version: 10.8.76.0 - SMART Technologies ULC)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.14 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\InstallShield_{2EFEAD58-3311-4B2B-9D8A-8D663581D109}) (Version: 2.2.0.0 - Splashtop Inc.)
Splashtop Streamer (x32 Version: 2.2.0.0 - Splashtop Inc.) Hidden
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SupportSoft Assisted Service (HKLM-x32\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.12.0 - Synaptics Incorporated)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Ultra File Opener (HKCU\...\Ultra File Opener) (Version: 4.1.3.75 - CompuClever Systems Inc.)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VitalSource Bookshelf (HKLM-x32\...\{ACBF0550-A317-4C22-AC93-0DDB73087412}) (Version: 6.01.0018 - Ingram Content Group)
WAV MP3 Converter 4.2 Build 1259 (HKLM-x32\...\WAV MP3 Converter 4.2 Build 1259) (Version: - )
Web Easy Professional (x32 Version: 9.0.0 - Avanquest) Hidden
Web Easy Professional 9 (HKLM-x32\...\{7AA8BEEE-1A70-44D4-B57E-FFECC31500B6}) (Version: 9 - Avanquest)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Webshots Desktop (HKLM-x32\...\Webshots Desktop_is1) (Version: - CNET Networks)
Wedding Dash 2: Rings Around the World (HKLM-x32\...\BFG-Wedding Dash 2 - Rings Around the World) (Version: - )
Wedding Dash 4-Ever (HKLM-x32\...\BFG-Wedding Dash 4-Ever) (Version: - )
Wedding Dash: Ready, Aim, Love (HKLM-x32\...\BFG-Wedding Dash - Ready, Aim, Love) (Version: - )
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.01.3002 - Acer Incorporated)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.4300 - Broadcom Corporation)
Windows Driver Package - Atheros Communications Inc. (arusb_lhx) Net (09/25/2008 3.1.0.101) (HKLM\...\B090418E214D6BD6EE18A512A8EE609225AC9279) (Version: 09/25/2008 3.1.0.101 - Atheros Communications Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - NETGEAR Inc. (RTL8187) Net (12/01/2006 6.1258.1201.2006) (HKLM\...\5AF8BE22A56B38B1816F36BAC6A71F1277E45440) (Version: 12/01/2006 6.1258.1201.2006 - NETGEAR Inc.)
Windows Driver Package - Thomson (USB_RNDIS) Net (02/15/2007 2.0.0.0) (HKLM\...\2CA3B8348CD526E9B8928840AC68738C5B5A4F8F) (Version: 02/15/2007 2.0.0.0 - Thomson)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Client Runtime (HKLM\...\{84374E3C-60E0-4810-965F-BA05C1BC1D8C}) (Version: 7.250.4226.0 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.00 beta 5 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.00.5 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3936954855-2866150315-428727479-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\GTCR\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3936954855-2866150315-428727479-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\GTCR\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3936954855-2866150315-428727479-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\GTCR\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3936954855-2866150315-428727479-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\GTCR\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3936954855-2866150315-428727479-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\GTCR\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3936954855-2866150315-428727479-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\GTCR\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3936954855-2866150315-428727479-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\GTCR\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3936954855-2866150315-428727479-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\GTCR\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3936954855-2866150315-428727479-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\GTCR\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
22-09-2014 04:42:31 Removed WinZip 18.5
28-09-2014 09:30:26 Windows Backup
05-10-2014 04:50:48 RCP Sun, Oct 05, 14 15:20
05-10-2014 08:30:18 Windows Backup
06-10-2014 13:59:59 Removed ASUS Android USB Drivers.
06-10-2014 14:38:10 Removed MySafeProxy for Internet Explorer
08-10-2014 05:17:28 Windows Update
08-10-2014 05:32:28 Installed SpyHunter
08-10-2014 09:22:57 Removed SpyHunter
08-10-2014 09:28:43 Removed SpyHunter
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-10-08 16:04 - 2014-10-08 16:04 - 00000000 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {077BAA98-09B9-40FF-9867-6C51DE97EEAE} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3936954855-2866150315-428727479-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {086478D1-6613-47FE-BD58-47AE628345DA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {106C1F53-F968-465C-936A-89E8453D2604} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3936954855-2866150315-428727479-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {18B31C99-588B-48F3-BDE9-270F2234C74B} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-01-07] (Microsoft Corporation)
Task: {1C166ACA-086D-40BF-9CD6-599DD8761D8C} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Safe Web Lite\Engine\2014.5.0.67\SymErr.exe
Task: {1EECFA58-81C0-4209-953D-B9654CAAAF46} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {201D3D1B-999C-418B-8ACC-F094ECFBE2A7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {24D91765-19E4-4C8D-86CC-D4E81407C343} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {2B2EA9DD-C82C-4732-A2AA-A75951D983CD} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3936954855-2866150315-428727479-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {2B658D13-D32C-4419-994A-E992F77189CF} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {2F5DE78B-EE9C-493A-8535-87C950F11979} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3936954855-2866150315-428727479-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {47073AEF-56A7-45A7-952E-434A5BD58EE5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-07] (Google Inc.)
Task: {568D01FA-5595-4C60-88BA-24EE78C3DC9A} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3936954855-2866150315-428727479-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {7F322CA7-750A-4C70-8B37-4A51BF69280C} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3936954855-2866150315-428727479-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {CB3086B2-D053-40B7-A6DC-6271D5546ABC} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3936954855-2866150315-428727479-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {CF9E45F9-5FBC-4AC0-84A5-964126A4DF0C} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Safe Web Lite\Engine\2014.5.0.67\SymErr.exe
Task: {DC2F246F-2638-490A-9414-2C1753C72B72} - System32\Tasks\Launch ASUS Sync Loader => C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe
Task: {E8FD5E00-790E-49C7-B339-E1630BA83C0A} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe [2012-11-21] (Lavasoft Limited)
Task: {F89F6418-3AB8-4C06-9A17-F23E8792A996} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-07] (Google Inc.)
Task: {F9D5D7A1-23FE-4FE8-9EA2-6634A885CFB7} - System32\Tasks\PennyBee => C:\Users\GTCR\AppData\Roaming\PennyBee\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PennyBee.job => C:\Users\GTCR\AppData\Roaming\PennyBee\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2013-10-26 18:44 - 2012-10-04 19:49 - 00087152 _____ () C:\Windows\System32\cpwmon64.dll
2010-03-27 05:11 - 2010-03-27 05:11 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-01-19 05:08 - 2011-01-19 05:08 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-02-20 22:29 - 2012-02-20 22:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 22:28 - 2012-02-20 22:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-02-13 22:16 - 2011-02-13 22:16 - 03379200 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_7bd090e8\mscorlib.dll
2011-02-13 22:16 - 2011-02-13 22:16 - 01953792 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_4d2df50b\system.dll
2014-10-08 15:32 - 2014-10-08 15:32 - 00043008 _____ () c:\users\gtcr\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjaluhb.dll
2013-08-24 05:31 - 2013-08-24 05:31 - 25100288 _____ () C:\Users\GTCR\AppData\Roaming\Dropbox\bin\libcef.dll
2010-03-09 10:48 - 2010-03-09 10:48 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-05-14 14:48 - 2009-05-20 16:32 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2012-12-04 15:10 - 2014-06-20 07:08 - 00192376 _____ () C:\Program Files (x86)\Ad-Aware Antivirus\Definitions\libBase64.dll
2012-12-04 15:10 - 2014-06-20 07:08 - 00180088 _____ () C:\Program Files (x86)\Ad-Aware Antivirus\Definitions\libMachoUniv.dll
2014-10-08 08:37 - 2014-10-01 16:24 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\libglesv2.dll
2014-10-08 08:37 - 2014-10-01 16:24 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\libegl.dll
2014-10-08 08:37 - 2014-10-01 16:24 - 08911176 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\pdf.dll
2014-10-08 08:37 - 2014-10-01 16:24 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\01 - Muddy Puddles.avi:TOC.WMV
AlternateDataStreams: C:\ProgramData\Temp:00811B66
AlternateDataStreams: C:\ProgramData\Temp:014BC3B4
AlternateDataStreams: C:\ProgramData\Temp:03D08225
AlternateDataStreams: C:\ProgramData\Temp:07F6D9E4
AlternateDataStreams: C:\ProgramData\Temp:1B3549F2
AlternateDataStreams: C:\ProgramData\Temp:22741C1F
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:33384BC0
AlternateDataStreams: C:\ProgramData\Temp:349E5B74
AlternateDataStreams: C:\ProgramData\Temp:3790BACD
AlternateDataStreams: C:\ProgramData\Temp:3A6BC948
AlternateDataStreams: C:\ProgramData\Temp:3B07E6F4
AlternateDataStreams: C:\ProgramData\Temp:453190EC
AlternateDataStreams: C:\ProgramData\Temp:4B244549
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:538B96B5
AlternateDataStreams: C:\ProgramData\Temp:798A3728
AlternateDataStreams: C:\ProgramData\Temp:80E965A3
AlternateDataStreams: C:\ProgramData\Temp:89C2A42C
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:93EB7685
AlternateDataStreams: C:\ProgramData\Temp:966CEAE7
AlternateDataStreams: C:\ProgramData\Temp:9ACB70D7
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
AlternateDataStreams: C:\ProgramData\Temp:B12D1A7D
AlternateDataStreams: C:\ProgramData\Temp:C43C957E
AlternateDataStreams: C:\ProgramData\Temp:CEE4A457
AlternateDataStreams: C:\ProgramData\Temp:CFF6B3FF
AlternateDataStreams: C:\ProgramData\Temp
2A5A561AlternateDataStreams: C:\ProgramData\Temp
8F9D810AlternateDataStreams: C:\ProgramData\Temp:E36F5B57
AlternateDataStreams: C:\ProgramData\Temp:ED9B661E
AlternateDataStreams: C:\Users\GTCR\Documents\Council.eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service => ""="Ad-Aware Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ad-Aware Service => ""="Ad-Aware Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBAMSvc => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: Ad-Aware Service => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: DsiWMIService => 2
MSCONFIG\Services: ePowerSvc => 2
MSCONFIG\Services: GREGService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MWLService => 3
MSCONFIG\Services: NTI IScheduleSvc => 2
MSCONFIG\Services: NTIBackupSvc => 3
MSCONFIG\Services: NTISchedulerSvc => 2
MSCONFIG\Services: ODDPwrSvc => 2
MSCONFIG\Services: Partner Service => 3
MSCONFIG\Services: QBCFMonitorService => 2
MSCONFIG\Services: QuickBooksDB18 => 2
MSCONFIG\Services: Response Hardware => 2
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: RS_Service => 2
MSCONFIG\Services: SBAMSvc => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: Updater Service => 2
========================= Accounts: ==========================
Administrator (S-1-5-21-3936954855-2866150315-428727479-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3936954855-2866150315-428727479-1002 - Limited - Enabled)
GTCR (S-1-5-21-3936954855-2866150315-428727479-1000 - Administrator - Enabled) => C:\Users\GTCR
Guest (S-1-5-21-3936954855-2866150315-428727479-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3936954855-2866150315-428727479-1005 - Limited - Enabled)
QBDataServiceUser18 (S-1-5-21-3936954855-2866150315-428727479-1003 - Limited - Enabled) => C:\Users\QBDataServiceUser18
==================== Faulty Device Manager Devices =============
Name: SBRE
Description: SBRE
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SBRE
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: SASDIFSV
Description: SASDIFSV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SASDIFSV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: SASKUTIL
Description: SASKUTIL
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SASKUTIL
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/08/2014 08:23:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x005c0032
Faulting process id: 0x840
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
Error: (10/07/2014 01:08:21 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service IePlugin Services since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (10/07/2014 01:08:21 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service Supporter since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (10/07/2014 01:08:21 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service scores since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (10/07/2014 00:30:15 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service IePlugin Services since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (10/07/2014 00:30:15 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service Supporter since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (10/07/2014 00:27:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program gentlemjmbot_img.tmp version 51.52.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1b00
Start Time: 01cfe16d37d5ca73
Termination Time: 6
Application Path: C:\Users\GTCR\AppData\Local\Temp\is-72L6U.tmp\gentlemjmbot_img.tmp
Report Id:
Error: (10/07/2014 00:27:30 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program majmbot_gentlemg.tmp version 51.52.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 2b50
Start Time: 01cfe16d315a4d77
Termination Time: 22
Application Path: C:\Users\GTCR\AppData\Local\Temp\is-17I3A.tmp\majmbot_gentlemg.tmp
Report Id:
Error: (10/07/2014 00:23:14 AM) (Source: MsiInstaller) (EventID: 11309) (User: GTCR-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.
Error: (10/05/2014 07:05:56 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: The backup was not successful. The error is: One of the backup files could not be created. (0x8078002A).
System errors:
=============
Error: (10/08/2014 04:32:41 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}
Error: (10/08/2014 04:04:55 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (10/08/2014 04:04:52 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (10/08/2014 04:04:52 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (10/08/2014 04:04:52 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (10/08/2014 04:04:52 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (10/08/2014 04:04:44 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (10/08/2014 04:04:44 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (10/08/2014 04:04:44 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (10/08/2014 04:00:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).
Microsoft Office Sessions:
=========================
Error: (10/08/2014 08:23:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532unknown0.0.0.000000000c0000005005c003284001cfe278e8a9fb26C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeunknown697a9d4c-4e6c-11e4-8760-60eb69563359
Error: (10/07/2014 01:08:21 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service IePlugin Services since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
Error: (10/07/2014 01:08:21 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Supporter since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
Error: (10/07/2014 01:08:21 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service scores since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
Error: (10/07/2014 00:30:15 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service IePlugin Services since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
Error: (10/07/2014 00:30:15 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Supporter since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
Error: (10/07/2014 00:27:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: gentlemjmbot_img.tmp51.52.0.01b0001cfe16d37d5ca736C:\Users\GTCR\AppData\Local\Temp\is-72L6U.tmp\gentlemjmbot_img.tmp
Error: (10/07/2014 00:27:30 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: majmbot_gentlemg.tmp51.52.0.02b5001cfe16d315a4d7722C:\Users\GTCR\AppData\Local\Temp\is-17I3A.tmp\majmbot_gentlemg.tmp
Error: (10/07/2014 00:23:14 AM) (Source: MsiInstaller) (EventID: 11309) (User: GTCR-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (10/05/2014 07:05:56 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: One of the backup files could not be created. (0x8078002A)
CodeIntegrity Errors:
===================================
Date: 2014-09-10 09:01:41.538
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-09-10 09:01:41.042
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-08-11 20:12:50.645
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-08-11 20:08:51.420
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-08-11 20:03:24.979
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-08-10 20:14:33.938
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-08-10 20:10:24.906
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-07-29 16:57:29.947
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-07-29 16:57:28.973
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-07-21 20:25:39.965
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
