Hi,
I'm a newbie here. Would anyone pls. help me in removing zero access on my laptop? My AVG cannot open as it is blocked by group policy.
Was reading the same thread and downloaded the Farbar scan tool and have generated a FRST.txt and Addition.txt.
Pls. see below:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-02-2015 01
Ran by cadettesam1 (administrator) on ITD-R on 19-02-2015 15:56:19
Running from C:\Users\cadettesam\Desktop\Bonus
Loaded Profiles: cadettesam1 (Available profiles: user0821 & cadettesam1 & itdept & carlo)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgcsrvx.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\ramaint.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(RealVNC Ltd.) C:\Program Files\RealVNC\VNC4\winvnc4.exe
(RealVNC Ltd.) C:\Program Files\RealVNC\VNC4\winvnc4.exe
(Software 2000 Limited) C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LogMeIn.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgcsrvx.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(ASUS) C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(WordWeb Software) C:\Program Files\WordWeb\wweb32.exe
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Genie-soft) C:\Program Files\Genie9\Genie Backup Manager\GBMAgent.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe
() C:\Program Files\IO3O LLC\Who Is On My Wifi\mywifi.exe
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-08] (ASUS)
HKLM\...\Run: [HControlUser] => C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-20] (ASUS)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-20] ()
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [548744 2010-06-11] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Wireless Console 3] => C:\Program Files\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] ()
HKLM\...\Run: [AVG_TRAY] => C:\Program Files\AVG\AVG2012\avgtray.exe [2598520 2012-11-20] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2010-03-18] (Apple Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-22] (Microsoft Corporation)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [153136 2007-03-02] (Nero AG)
HKLM\...\Run: [NBKeyScan] => C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2213160 2007-12-04] (Nero AG)
HKLM\...\Run: [ModemListener] => C:\Program Files\DIGICEL USB Modem\ModemListener.exe [98304 2011-01-12] ()
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-24] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-24] (Adobe Systems Inc.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM\...\Run: [3G Modem Partner] => [X]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Run: [Syncios device service] => C:\Program Files\Syncios\SynciosDeviceService.exe [736768 2014-08-12] ()
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1980416 2013-12-18] (Wondershare)
HKLM\...\Run: [BrowserPlugInHelper] => C:\Program Files\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe [1962896 2014-03-17] ()
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [63048 2015-01-10] (LogMeIn, Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM Group Policy restriction on software: C:\Program Files\AVG <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVG\ <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVG\AVG2012 <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <===== ATTENTION
HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Run: [Google Update] => C:\Users\cadettesam\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-02-01] (Google Inc.)
HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Run: [WordWeb] => C:\Program Files\WordWeb\wweb32.exe [65216 2009-11-09] (WordWeb Software)
HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1688872 2007-12-14] (Nero AG)
HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3491264 2012-06-08] (Tonec Inc.)
HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20924064 2014-02-11] (Skype Technologies S.A.)
HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files\DAEMON Tools Pro\DTAgent.exe [3129560 2014-02-24] (Disc Soft Ltd)
HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Run: [GBMPro9Agent] => C:\Program Files\Genie9\Genie Backup Manager\GBMAgent.exe [189528 2012-05-30] (Genie-soft)
HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Run: [Ocqics] => C:\Windows\System32\regsvr32.exe C:\Users\cadettesam\AppData\Local\Aplqworks\jhqpaldxqizdk.dll
HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Run: [Ujsmedia] => regsvr32.exe C:\Users\cadettesam\AppData\Local\Ujsmedia\ASMdatax216I.dll <===== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut4_E9C83B3EDF9141A39DA5EC05C79BBB91.exe (Acresso Software Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Who Is On My Wifi.lnk
ShortcutTarget: Who Is On My Wifi.lnk -> C:\Program Files\IO3O LLC\Who Is On My Wifi\mywifi.exe ()
Startup: C:\Users\cadettesam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\cadettesam\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\cadettesam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 2510 series.lnk
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 2510 series.lnk -> C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll (Tonec Inc.)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-4226095529-3221385387-367272059-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
BHO: Wondershare Video Converter Ultimate -> {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} -> C:\Program Files\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll (Wondershare Software Co., Ltd.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{0E1C4EBC-E8FD-4E24-8B73-4FA1363A7624}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{3EFD0729-1EA4-48DF-9710-5C3C7693D1B3}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{A1E00E91-C164-4175-B8E2-5F25522BDADF}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{BCDBD7C7-810F-4031-94A6-79BC8176D845}: [NameServer] 8.8.8.8,8.8.8.8
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\cadettesam\AppData\Roaming\Mozilla\Firefox\Profiles\s6zigvb5.default
FF Homepage: user_pref("browser.startup.homepage", "about:home");
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-4226095529-3221385387-367272059-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\cadettesam\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-4226095529-3221385387-367272059-1001: @tools.google.com/Google Update;version=3 -> C:\Users\cadettesam\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-4226095529-3221385387-367272059-1001: @tools.google.com/Google Update;version=9 -> C:\Users\cadettesam\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG2012\Firefox4
FF Extension: AVG Safe Search - C:\Program Files\AVG\AVG2012\Firefox4 [2013-02-01]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-11-20]
FF HKLM\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files\Wondershare\Video Converter Ultimate\SVRFirefoxExt
FF Extension: Wondershare Video Converter Ultimate - C:\Program Files\Wondershare\Video Converter Ultimate\SVRFirefoxExt [2014-10-11]
FF HKLM\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack
FF Extension: AVG Do Not Track - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack [2013-03-28]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-02-12]
FF HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\cadettesam\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\cadettesam\AppData\Roaming\IDM\idmmzcc5 [2014-01-20]
FF HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\cadettesam\AppData\Roaming\IDM\idmmzcc5
FF Extension: No Name - C:\Users\cadettesam\AppData\Roaming\Mozilla\Firefox\Profiles\s6zigvb5.default\extensions\faststartff@gmail.com [Not Found]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-01]
CHR Extension: (Google Drive) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-04]
CHR Extension: (YouTube) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-01]
CHR Extension: (Google Cast) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-04-26]
CHR Extension: (Wondershare Video Converter Ultimate) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\chgdeabpmphfhkoemjjglmilajldekbp [2014-10-11]
CHR Extension: (Google Search) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-01]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2013-11-20]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2014-03-19]
CHR Extension: (MagiCSS Live CSS Editor) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifhikkcafabcgolfjegfcgloomalapol [2015-01-18]
CHR Extension: (internet download manager) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcjgpgnbamgphpplmjomihaabchfoab [2013-12-30]
CHR Extension: (Skype Click to Call) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-12-28]
CHR Extension: (Google Wallet) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-11]
CHR Extension: (Gmail) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-01]
CHR HKLM\...\Chrome\Extension: [chgdeabpmphfhkoemjjglmilajldekbp] - C:\Program Files\Wondershare\Video Converter Ultimate\SVRChromePlugin.crx [2014-10-11]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-24]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
StartMenuInternet: Google Chrome - C:\Users\user0821\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AFBAgent; C:\Windows\system32\FBAgent.exe [303744 2009-12-08] (ASUSTeK Computer Inc.)
R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [84536 2009-06-16] (ASUS)
R2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2009-12-16] (ASUS)
R2 avgfws; C:\Program Files\AVG\AVG2012\avgfws.exe [2322000 2014-11-04] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [5175856 2013-10-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S2 DeviceManager; C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe [40960 2010-08-28] () [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2013-05-03] (Flexera Software, Inc.)
S2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-15] ()
R2 LMS; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-10-01] (Intel Corporation) [File not signed]
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation)
S2 Mobile Partner. RunOuc; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [655712 2013-10-18] ()
S3 MozillaMaintenance; C:\Program Files\Mozilla Maintenance Service\maintenanceservice_tmp.exe [114288 2014-09-24] (Mozilla Foundation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2009-05-14] (Hewlett-Packard) [File not signed]
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-10] (TeamViewer GmbH)
R2 UNS; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-10-01] (Intel Corporation) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WinVNC4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2164088 2008-10-14] (RealVNC Ltd.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASMMAP; C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [13880 2009-07-03] (ASUS)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [47968 2011-05-23] (AVG Technologies CZ, s.r.o.)
R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [142176 2012-12-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfilterx.sys [24144 2011-12-24] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [24896 2012-04-19] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [17232 2011-12-24] (AVG Technologies CZ, s.r.o. )
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [250080 2012-11-08] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [41040 2011-12-24] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [31952 2012-01-31] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [302368 2014-11-04] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-08-21] (AVG Technologies)
S3 CT_QUALCOMM_U_drv; C:\Windows\System32\DRIVERS\CT_QUALCOMM_U_drv.sys [103552 2009-04-28] (QUALCOMM Incorporated)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-08-22] (Disc Soft Ltd)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [102912 2010-07-22] (ELAN Microelectronic Corp.)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [95616 2013-10-18] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27520 2013-10-18] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [195072 2013-10-18] (Huawei Technologies Co., Ltd.)
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [105344 2010-08-28] (TCT International Mobile Ltd)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-03-05] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [14392 2009-05-14] (ASUS)
S3 NetVMini; C:\Windows\System32\DRIVERS\netvmini.sys [18104 2012-01-05] (Microsoft Corporation)
S3 PSSDK42; C:\Windows\system32\Drivers\pssdk42.sys [38976 2013-12-07] (microOLAP Technologies LTD)
S3 RusRouteMP; C:\Windows\System32\DRIVERS\rusroute.sys [48824 2012-01-05] (MaaSoftware http://www.maasoftware.ru, http://www.maasoftware.com)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-02-19] ()
S3 U2SP; C:\Windows\System32\DRIVERS\u2s2kxp.sys [23296 2004-05-05] (Magic Control Technology Corp.)
S3 VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [252416 2009-05-26] (Vimicro Corporation)
R3 vncmirror; C:\Windows\System32\DRIVERS\vncmirror.sys [4608 2012-05-30] (RealVNC Ltd.)
S3 vvftUVC; C:\Windows\System32\drivers\vvftUVC.sys [398720 2008-07-02] (Vimicro Corporation)
U3 catchme; \??\C:\Users\CADETT~1\AppData\Local\Temp\catchme.sys [X]
S3 CT_EVDO_U_USBSER; system32\DRIVERS\CT_EVDO_U_USBSER.sys [X]
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [102784 2013-10-18] (Huawei Technologies Co., Ltd.)
S4 LMIRfsClientNP; No ImagePath
U5 RusRoute; C:\Windows\System32\Drivers\RusRoute.sys [48824 2012-01-05] (MaaSoftware http://www.maasoftware.ru, http://www.maasoftware.com)
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
U3 mbr; \??\C:\ComboFix\mbr.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-19 15:48 - 2015-02-19 15:56 - 00000000 ____D () C:\FRST
2015-02-19 14:45 - 2011-06-26 16:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-19 14:45 - 2010-11-08 03:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-19 14:45 - 2009-04-20 14:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-19 14:45 - 2000-08-31 10:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-19 14:45 - 2000-08-31 10:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-19 14:45 - 2000-08-31 10:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-19 14:45 - 2000-08-31 10:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-19 14:45 - 2000-08-31 10:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-19 14:44 - 2015-02-19 15:24 - 00000000 ___SD () C:\ComboFix
2015-02-19 14:44 - 2015-02-19 14:44 - 00000000 ____D () C:\Windows\erdnt
2015-02-19 14:44 - 2015-02-19 14:44 - 00000000 ____D () C:\Qoobox
2015-02-19 14:30 - 2015-02-19 14:34 - 00000000 ____D () C:\AdwCleaner
2015-02-19 13:08 - 2015-02-19 15:37 - 00000000 ____D () C:\Users\cadettesam\AppData\Local\CrashDumps
2015-02-19 13:06 - 2015-02-19 15:33 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-02-19 13:06 - 2015-02-19 13:06 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-02-19 13:01 - 2015-02-19 14:36 - 00001890 _____ () C:\Windows\PFRO.log
2015-02-19 12:08 - 2015-02-19 14:36 - 00001132 _____ () C:\Windows\setupact.log
2015-02-19 12:08 - 2015-02-19 12:08 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-19 02:34 - 2015-02-19 13:01 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\Yvsu
2015-02-19 02:34 - 2015-02-19 02:37 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\Evzyyx
2015-02-19 02:33 - 2015-02-19 02:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Who Is On My Wifi
2015-02-19 02:32 - 2015-02-19 02:32 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2015-02-19 02:20 - 2015-02-19 02:20 - 01054720 _____ () C:\Users\cadettesam\Downloads\Who.Is.On.My.Wifi.3.0.2.rar.exe
2015-02-19 02:12 - 2015-02-19 02:12 - 00034308 _____ () C:\Windows\system32\bassmod.dll
2015-02-19 02:01 - 2015-02-19 02:01 - 00000000 ____D () C:\Users\cadettesam\AppData\Local\Ujsmedia
2015-02-19 02:01 - 2015-02-19 02:01 - 00000000 ____D () C:\Users\cadettesam\AppData\Local\Aplqworks
2015-02-19 01:59 - 2015-02-19 15:51 - 00000000 ____D () C:\wifidata
2015-02-19 01:59 - 2015-02-19 01:59 - 00000000 ____D () C:\Program Files\IO3O LLC
2015-02-19 01:57 - 2015-02-19 01:57 - 00079324 _____ () C:\Users\cadettesam\Downloads\[4allprograms.net]_KG & SN_WOMW.rar
2015-02-19 01:57 - 2014-10-06 15:36 - 00000000 ____D () C:\Users\cadettesam\Downloads\[4allprograms.net]_KG & SN_WOMW
2015-02-19 01:54 - 2015-02-19 01:54 - 00015863 _____ () C:\Users\cadettesam\Downloads\Who Is On My Wifi (1).torrent
2015-02-19 01:50 - 2015-02-19 02:01 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\Local Store
2015-02-19 01:47 - 2015-02-19 01:48 - 05438001 _____ () C:\Users\cadettesam\Downloads\Who Is On My Wifi Ultimate Edition 2.1.9 (FULL + Keygen).zip
2015-02-19 01:40 - 2015-02-19 01:40 - 00015857 _____ () C:\Users\cadettesam\Downloads\Who Is On My Wifi.torrent
2015-02-18 23:24 - 2015-02-18 23:24 - 00000027 _____ () C:\Users\cadettesam\Documents\Netgear admin.txt
2015-02-18 23:15 - 2015-02-18 23:15 - 00065560 _____ () C:\Users\cadettesam\Downloads\NETGEAR_WNR3500.cfg
2015-02-17 23:23 - 2015-02-17 23:23 - 00001203 _____ () C:\Users\cadettesam\Desktop\Cisco Packet Tracer Student.lnk
2015-02-17 23:23 - 2015-02-17 23:23 - 00000186 _____ () C:\Users\cadettesam\.packettracer
2015-02-17 23:23 - 2015-02-17 23:23 - 00000000 ____D () C:\Users\cadettesam\Cisco Packet Tracer 6.1sv
2015-02-17 23:23 - 2015-02-17 23:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Packet Tracer Student
2015-02-17 23:21 - 2015-02-17 23:23 - 00000000 ____D () C:\Program Files\Cisco Packet Tracer 6.1sv
2015-02-17 22:40 - 2015-02-17 22:40 - 00012520 _____ () C:\Users\cadettesam\Downloads\[buhaypirata.net]YouCam_5.torrent
2015-02-17 22:20 - 2015-02-17 22:20 - 00001968 _____ () C:\Users\cadettesam\Downloads\Make_Windows_Xp_Genuine_Forever_(100%).torrent
2015-02-17 22:18 - 2015-02-17 22:18 - 00003101 _____ () C:\Users\cadettesam\Downloads\[buhaypirata.net]HiddenDesktop.torrent
2015-02-17 11:20 - 2015-02-17 11:22 - 00000000 ____D () C:\CCProxy
2015-02-17 11:20 - 2015-02-17 11:20 - 00000590 _____ () C:\Users\cadettesam\Desktop\CCProxy.lnk
2015-02-17 11:20 - 2015-02-17 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCProxy
2015-02-17 11:17 - 2015-02-17 11:17 - 00001344 _____ () C:\Users\cadettesam\Downloads\B5A224BF19F06F830E178B6D258A1DF6DC686530.torrent
2015-02-17 11:00 - 2015-02-17 11:00 - 00001669 _____ () C:\Users\cadettesam\Desktop\CCProxy 8.0 Full Keygen.lnk
2015-02-17 11:00 - 2015-02-17 11:00 - 00000000 ____D () C:\ProgramData\{f97c4e77-120d-d1c3-f97c-c4e7712039dc}
2015-02-17 10:06 - 2015-02-17 11:07 - 00000000 ____D () C:\ProgramData\{04cbf7f3-af58-34c5-04cb-bf7f3af5dfce}
2015-02-17 10:03 - 2015-02-17 11:19 - 00000000 ____D () C:\Users\cadettesam\Desktop\New folder
2015-02-14 09:22 - 2015-02-14 09:22 - 00000000 ____D () C:\Users\carlo\AppData\Roaming\Syncios
2015-02-14 09:22 - 2015-02-14 09:22 - 00000000 ____D () C:\Users\carlo\AppData\Roaming\DAEMON Tools Pro
2015-02-14 09:22 - 2015-02-14 09:22 - 00000000 ____D () C:\Users\carlo\AppData\Local\Wondershare
2015-02-14 09:22 - 2015-02-14 09:22 - 00000000 ____D () C:\Users\carlo\AppData\Local\LogMeIn
2015-02-12 09:18 - 2015-02-12 09:23 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\HP
2015-02-12 09:18 - 2015-02-12 09:18 - 00000000 ____D () C:\ProgramData\WEBREG
2015-02-12 09:17 - 2015-02-12 09:17 - 00001106 _____ () C:\Users\cadettesam\AppData\Roaming\ConvAPIPlugin.log
2015-02-12 09:12 - 2015-02-12 09:12 - 00001279 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2015-02-12 09:12 - 2015-02-12 09:12 - 00001273 _____ () C:\Users\Public\Desktop\HP Solution Center.lnk
2015-02-12 09:12 - 2015-02-12 09:12 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2015-02-12 09:09 - 2010-05-14 14:56 - 00125440 _____ (Hewlett-Packard Company) C:\Windows\system32\hpf3l02t.dll
2015-02-12 09:07 - 2015-02-12 09:17 - 00223007 _____ () C:\Windows\hpwins24.dat
2015-02-12 09:07 - 2015-02-12 09:17 - 00000880 _____ () C:\ProgramData\hpzinstall.log
2015-02-12 09:07 - 2010-07-30 21:04 - 00001758 ____N () C:\Windows\hpwmdl24.dat
2015-02-12 09:07 - 2010-05-13 20:29 - 00372736 _____ (Hewlett Packard) C:\Windows\system32\hppldcoi.dll
2015-02-12 09:07 - 2010-04-26 18:52 - 00454504 _____ (Hewlett-Packard) C:\Windows\system32\hpzids01.dll
2015-02-10 00:35 - 2015-02-14 22:42 - 00000929 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-02-10 00:35 - 2015-02-14 22:42 - 00000917 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-02-09 23:59 - 2015-02-10 00:22 - 00000000 ___RD () C:\Users\cadettesam\Dropbox
2015-02-09 23:59 - 2015-02-09 23:59 - 00001102 _____ () C:\Users\cadettesam\Desktop\Dropbox.lnk
2015-02-09 23:56 - 2015-02-09 23:56 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-09 23:49 - 2015-02-09 23:59 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\Dropbox
2015-02-09 23:49 - 2015-02-09 23:49 - 00355528 _____ (Dropbox, Inc.) C:\Users\cadettesam\Downloads\DropboxInstaller.exe
2015-02-09 23:43 - 2015-02-09 23:43 - 00010595 _____ () C:\Users\cadettesam\Downloads\[limetorrents.cc]TeamViewer.10.0.36897...Corporate.Crack.[KaranPC].torrent
2015-02-09 22:25 - 2015-02-09 22:25 - 02291847 _____ () C:\Users\cadettesam\Downloads\Odin_v3.09.zip
2015-02-08 00:35 - 2015-02-08 00:35 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2015-02-08 00:35 - 2015-02-08 00:35 - 00000000 ____D () C:\Users\cadettesam\Documents\SelfMV
2015-02-08 00:35 - 2015-02-08 00:35 - 00000000 ____D () C:\Users\cadettesam\Documents\samsung
2015-02-08 00:31 - 2015-02-08 00:31 - 00017258 _____ () C:\Users\cadettesam\Downloads\[buhaypirata.net]Rise_of_the_Legend_2014_WEBRip_[buhaypirata.net].torrent
2015-02-08 00:28 - 2015-02-08 00:28 - 00001915 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2015-02-08 00:28 - 2015-02-08 00:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-02-08 00:25 - 2014-10-13 15:57 - 00184192 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2015-02-08 00:25 - 2014-10-13 15:57 - 00089856 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2015-02-08 00:23 - 2015-02-08 00:35 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\Samsung
2015-02-08 00:23 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\system32\secman.dll
2015-02-08 00:21 - 2015-02-08 00:21 - 00015984 _____ () C:\Users\cadettesam\Downloads\[buhaypirata.net]Kubot_The_Aswang_Chronicles_2_(2014)_[cubeme].torrent
2015-02-05 22:25 - 2015-02-05 22:25 - 00000000 ____D () C:\Users\cadettesam\AppData\Local\tjnet
2015-02-05 12:40 - 2015-02-05 12:45 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\mjusbsp
2015-02-05 12:40 - 2015-02-05 12:40 - 00001070 _____ () C:\Users\cadettesam\Desktop\magicJack.lnk
2015-02-05 12:40 - 2015-02-05 12:40 - 00001056 _____ () C:\Users\cadettesam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\magicJack.lnk
2015-02-05 12:40 - 2015-02-05 12:40 - 00000000 ____D () C:\ProgramData\magicJack
2015-02-05 12:10 - 2015-02-05 12:40 - 00000000 ____D () C:\Users\cadettesam\AppData\Local\magicJack
2015-02-04 00:08 - 2015-02-04 00:08 - 00122280 _____ () C:\Users\cadettesam\Downloads\FLVPlayer-Chrome_a.exe
2015-02-02 21:49 - 2015-02-19 14:36 - 00000974 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2015-02-02 21:41 - 2015-02-19 14:36 - 00000958 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2015-02-02 21:41 - 2015-02-02 21:49 - 00000000 ____D () C:\Program Files\LogMeIn
2015-02-02 21:41 - 2015-02-02 21:41 - 00001024 _____ () C:\.rnd
2015-02-02 21:41 - 2015-01-10 10:46 - 00086912 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll
2015-02-02 21:41 - 2015-01-10 10:45 - 00085864 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll
2015-02-02 21:41 - 2015-01-10 10:45 - 00031592 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll
2015-02-02 21:41 - 2015-01-10 10:38 - 00047640 _____ (LogMeIn, Inc.) C:\Windows\system32\Drivers\LMIRfsDriver.sys
2015-02-02 21:41 - 2015-01-10 10:38 - 00025248 _____ (LogMeIn, Inc.) C:\Windows\system32\lmimirr.dll
2015-02-02 21:41 - 2015-01-10 10:38 - 00011552 _____ (LogMeIn, Inc.) C:\Windows\system32\lmimirr2.dll
2015-02-02 21:41 - 2015-01-10 10:38 - 00010144 _____ (LogMeIn, Inc.) C:\Windows\system32\Drivers\lmimirr.sys
2015-02-02 21:36 - 2015-02-19 11:52 - 00000000 ____D () C:\ProgramData\LogMeIn
2015-02-02 21:36 - 2015-02-02 21:36 - 00000000 ____D () C:\Users\cadettesam\AppData\Local\LogMeIn
2015-02-02 21:34 - 2015-02-02 21:35 - 00000000 ____D () C:\LMI
2015-02-02 21:26 - 2015-02-02 21:32 - 33947125 _____ () C:\Users\cadettesam\Downloads\logmein.zip
2015-02-02 21:22 - 2015-02-02 21:22 - 00041448 _____ () C:\Users\cadettesam\Documents\cc_20150202_212213.reg
2015-02-02 19:02 - 2015-02-02 19:07 - 27684864 _____ () C:\Users\cadettesam\Downloads\LogMeIn (1).msi
2015-02-02 18:54 - 2015-02-02 18:58 - 27684864 _____ () C:\Users\cadettesam\Downloads\LogMeIn.msi
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-19 15:56 - 2013-10-26 18:24 - 00000000 ____D () C:\Users\cadettesam\Desktop\Bonus
2015-02-19 15:40 - 2013-02-01 05:30 - 00000930 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4226095529-3221385387-367272059-1001UA.job
2015-02-19 15:14 - 2013-02-01 04:20 - 00000000 ____D () C:\Windows\system32\Drivers\AVG
2015-02-19 14:57 - 2013-01-31 04:41 - 01846612 _____ () C:\Windows\WindowsUpdate.log
2015-02-19 14:56 - 2014-09-09 21:20 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-19 14:44 - 2013-12-30 15:47 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\DMCache
2015-02-19 14:41 - 2009-07-14 14:34 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-19 14:41 - 2009-07-14 14:34 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-19 14:38 - 2013-12-27 14:43 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\Skype
2015-02-19 14:36 - 2015-01-18 21:21 - 00000704 __RSH () C:\ProgramData\ntuser.pol
2015-02-19 14:36 - 2013-03-10 12:46 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job
2015-02-19 14:36 - 2009-07-14 14:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-19 14:34 - 2013-02-01 03:44 - 00000000 ____D () C:\Users\cadettesam
2015-02-19 13:39 - 2013-12-20 10:09 - 00000000 ____D () C:\Program Files\TeamViewer
2015-02-19 13:06 - 2010-11-21 07:01 - 00796550 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-19 12:41 - 2014-09-09 21:19 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-19 12:41 - 2014-09-09 21:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-19 12:41 - 2014-09-09 21:19 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-02-19 11:54 - 2013-12-30 15:47 - 00000000 ____D () C:\Users\cadettesam\Downloads\Compressed
2015-02-19 11:52 - 2014-01-20 15:16 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\IDM
2015-02-19 11:17 - 2013-01-31 06:01 - 00003828 _____ () C:\Windows\system32\AutoRunFilter.ini
2015-02-19 02:37 - 2013-11-21 13:25 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\tixati
2015-02-19 01:58 - 2013-11-10 12:19 - 00000000 ____D () C:\Users\cadettesam\Desktop\ED Lapiz
2015-02-18 22:17 - 2013-02-01 05:30 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4226095529-3221385387-367272059-1001Core.job
2015-02-17 23:32 - 2013-05-21 02:20 - 00000000 ____D () C:\Users\cadettesam\Documents\My Downloaded Video
2015-02-17 22:38 - 2013-12-30 15:47 - 00000000 ____D () C:\Users\cadettesam\Downloads\Video
2015-02-17 09:05 - 2014-08-22 12:08 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2015-02-16 22:04 - 2013-02-01 09:33 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\vlc
2015-02-16 21:49 - 2014-01-01 12:43 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\HpUpdate
2015-02-14 12:24 - 2014-04-17 20:04 - 00000000 ____D () C:\Users\carlo\AppData\Roaming\DMCache
2015-02-14 11:56 - 2013-12-30 15:04 - 00001516 _____ () C:\Users\carlo\Desktop\Google Chrome.lnk
2015-02-14 09:24 - 2013-11-18 04:51 - 00000000 ____D () C:\Users\carlo\AppData\Local\AVG Secure Search
2015-02-14 09:22 - 2013-11-18 04:50 - 00110840 _____ () C:\Users\carlo\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-12 18:52 - 2009-07-14 14:33 - 03761496 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 09:19 - 2013-02-01 03:44 - 00110840 _____ () C:\Users\cadettesam\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-12 09:17 - 2014-01-01 12:42 - 00000000 ____D () C:\ProgramData\HP
2015-02-12 09:17 - 2013-07-09 05:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-02-12 09:13 - 2013-07-09 05:07 - 00000000 ____D () C:\Program Files\HP
2015-02-10 12:03 - 2013-06-12 15:44 - 00000000 ____D () C:\Users\cadettesam\Desktop\Odin
2015-02-10 00:35 - 2013-03-16 19:20 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\TeamViewer
2015-02-09 18:21 - 2013-02-14 08:33 - 00107520 _____ () C:\Users\cadettesam\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-09 17:58 - 2009-07-14 14:53 - 00032556 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-08 00:35 - 2013-06-12 15:17 - 00000000 ____D () C:\ProgramData\Samsung
2015-02-08 00:23 - 2013-06-12 15:18 - 00000000 ____D () C:\Program Files\SAMSUNG
2015-02-08 00:23 - 2013-01-31 06:27 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-02-02 21:20 - 2014-10-11 00:14 - 00000000 ____D () C:\ProgramData\Wondershare Video Converter Ultimate
2015-02-02 21:19 - 2013-02-04 06:13 - 00000000 ____D () C:\Windows\Minidump
==================== Files in the root of some directories =======
2013-09-10 09:08 - 2013-09-10 09:08 - 0000421 _____ () C:\Program Files\Connections_incoming.txt
2013-08-23 07:56 - 2013-08-23 07:56 - 0021053 _____ () C:\Program Files\CopyRights.txt
2013-06-07 02:24 - 2013-06-07 02:24 - 0032432 _____ () C:\Program Files\License.txt
2013-09-03 10:29 - 2013-09-03 10:29 - 12614496 _____ (TeamViewer GmbH) C:\Program Files\TeamViewer.exe
2013-09-16 03:25 - 2013-09-16 03:25 - 0501906 _____ () C:\Program Files\TeamViewer8_Logfile.log
2013-09-03 10:29 - 2013-09-03 10:29 - 4536160 _____ (TeamViewer GmbH) C:\Program Files\TeamViewer_Desktop.exe
2013-09-03 10:29 - 2013-09-03 10:29 - 0314208 _____ (TeamViewer GmbH) C:\Program Files\TeamViewer_Resource_ar.dll
2013-09-03 10:29 - 2013-09-03 10:29 - 0328032 _____ (TeamViewer GmbH) C:\Program Files\TeamViewer_Resource_en.dll
2013-09-03 10:29 - 2013-09-03 10:29 - 5071712 _____ (TeamViewer GmbH) C:\Program Files\TeamViewer_Service.exe
2013-09-03 10:29 - 2013-09-03 10:29 - 3031904 _____ (TeamViewer GmbH) C:\Program Files\TeamViewer_StaticRes.dll
2013-09-06 14:33 - 2013-09-06 14:33 - 0000049 _____ () C:\Program Files\tvinfo.ini
2013-09-03 10:20 - 2013-09-03 10:20 - 0095584 _____ (TeamViewer GmbH) C:\Program Files\tv_w32.dll
2013-09-03 10:20 - 2013-09-03 10:20 - 0195936 _____ (TeamViewer GmbH) C:\Program Files\tv_w32.exe
2013-09-03 10:20 - 2013-09-03 10:20 - 0114528 _____ (TeamViewer GmbH) C:\Program Files\tv_x64.dll
2013-09-03 10:20 - 2013-09-03 10:20 - 0232800 _____ (TeamViewer GmbH) C:\Program Files\tv_x64.exe
2014-04-30 12:03 - 2014-04-30 12:03 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files\Common Files\atimpenc.dll
2013-11-21 10:22 - 2004-07-31 02:56 - 0090112 _____ () C:\Program Files\Common Files\PCSBclean.exe
2013-11-21 10:22 - 2004-07-27 08:30 - 0291840 _____ () C:\Program Files\Common Files\PCSBoff.exe
2014-01-01 14:03 - 2014-01-01 15:33 - 0000132 _____ () C:\Users\cadettesam\AppData\Roaming\Adobe PNG Format CS5 Prefs
2010-11-26 01:45 - 2010-11-26 01:45 - 0208200 _____ () C:\Users\cadettesam\AppData\Roaming\BtvStack.dll
2015-02-12 09:17 - 2015-02-12 09:17 - 0001106 _____ () C:\Users\cadettesam\AppData\Roaming\ConvAPIPlugin.log
2013-02-14 08:33 - 2015-02-09 18:21 - 0107520 _____ () C:\Users\cadettesam\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-01 12:41 - 2014-01-01 12:41 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-02-12 09:07 - 2015-02-12 09:17 - 0000880 _____ () C:\ProgramData\hpzinstall.log
2013-05-11 05:15 - 2013-05-11 05:15 - 0000147 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some content of TEMP:
====================
C:\Users\cadettesam\AppData\Local\Temp\catchme.dll
C:\Users\cadettesam\AppData\Local\Temp\dllnt_dump.dll
C:\Users\user0821\AppData\Local\Temp\avguidx.dll
C:\Users\user0821\AppData\Local\Temp\CommonInstaller.exe
C:\Users\user0821\AppData\Local\Temp\iGearedHelper.dll
C:\Users\user0821\AppData\Local\Temp\lowproc.exe
C:\Users\user0821\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\user0821\AppData\Local\Temp\stubhelper.dll
C:\Users\user0821\AppData\Local\Temp\ToolbarInstaller.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-13 23:30
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-02-2015 01
Ran by cadettesam1 at 2015-02-19 15:49:51
Running from C:\Users\cadettesam\Desktop\Bonus
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG Internet Security 2012 (Enabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: AVG Internet Security 2012 (Enabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Internet Security 2012 (Enabled) {621CC794-9486-F902-D092-0484E8EA828B}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 6.1.2 - Hewlett-Packard) Hidden
6000E609_eDocs (Version: 1.00.0000 - Hewlett-Packard) Hidden
6000E609_Help (Version: 1.00.0000 - Hewlett-Packard) Hidden
6000E609a (Version: 140.0.000.000 - Hewlett-Packard) Hidden
Adobe Acrobat XI Pro (HKLM\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C0CC75CD-F5B7-46AD-B016-17C0F5171718}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
ATK Package (HKLM\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0007 - ASUS)
AVG 2012 (HKLM\...\AVG) (Version: 2012.1.2249 - AVG Technologies)
AVG 2012 (Version: 12.0.4257 - AVG Technologies) Hidden
AVG 2012 (Version: 12.1.2249 - AVG Technologies) Hidden
BELKIN F5U109 (HKLM\...\{16115E10-502B-4EA0-BD39-4DA329AD89E2}) (Version: 2.01 - Belkin Components)
Belltech Business Card Designer Pro 5.4 (HKLM\...\Belltech Business Card Designer Pro 5.4_is1) (Version: 5.4.0.0 - Belltech Systems)
BPDSoftware (Version: 140.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (Version: 140.0.213.000 - Hewlett-Packard) Hidden
Cambium Networks LINKPlanner version 3.4.0 (HKLM\...\Cambium PTP Link Planner_is1) (Version: - Cambium Networks)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
CCProxy 8.0 (HKLM\...\CCProxy_is1) (Version: - Youngzsoft, Inc.)
ChromecastApp (HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)
Cisco Packet Tracer 6.1 Student (HKLM\...\Cisco Packet Tracer 6.1 Student_is1) (Version: - Cisco Systems, Inc.)
Command & Conquer Generals (HKLM\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts)
Command & Conquer Generals (Version: 0.50.0000 - Electronic Arts) Hidden
Command and ConquerTM Generals Zero Hour (HKLM\...\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts)
Command and ConquerTM Generals Zero Hour (Version: 1.00.0000 - Electronic Arts) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.111.0.63 - Conexant)
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 5.5.0.0388 - Disc Soft Ltd)
DeviceDiscovery (Version: 140.0.213.000 - Hewlett-Packard) Hidden
DIGICEL USB Modem (HKLM\...\DIGICEL USB Modem_is1) (Version: - )
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)
Dropbox (HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Dropbox) (Version: 3.2.3 - Dropbox, Inc.)
DSLR Remote Pro (HKLM\...\{0143BC25-D431-44bf-85EA-082CA5EA851D}) (Version: v2.2 - Breeze Systems Ltd)
Easy Download Manager (HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Easy Download Manager) (Version: - )
EasyNP2 version 56.2.0.38 (HKLM\...\{45D0CE08-14DE-4F94-AE24-6151BBE6FA90}_is1) (Version: 56.2.0.38 - EasyNP2, Inc.)
ERALink v4.1.0 (HKLM\...\ERALink v4.1.0) (Version: - )
ETDWare PS/2-x86 7.0.5.13_WHQL (HKLM\...\Elantech) (Version: 7.0.5.13 - ELAN Microelectronics Corp.)
F3_ActiveX_1.0.0.1 (HKLM\...\{C61B1BD6-1B74-499B-8CC1-AEB4F7BDD878}_is1) (Version: 1.0.0.1 - )
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.5 - ASUS)
File Scavenger 3.0 (HKLM\...\File Scavenger V3_is1) (Version: - )
Genie Backup Manager (HKLM\...\Genie Backup Manager) (Version: 9.0 - Genie9)
Google Chrome (HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Earth (HKLM\...\{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}) (Version: 7.0.3.8542 - Google)
Google Update Helper (Version: 1.3.23.0 - BonanzaDeals) Hidden <==== ATTENTION
GPBaseService2 (Version: 140.0.212.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet 2510 series Basic Device Software (HKLM\...\{867988FA-BCE7-46E9-A7E8-DC084A843319}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2510 series Help (HKLM\...\{234DADAD-3C3C-4FB1-90A4-0AF015D56E18}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 2510 series Product Improvement Study (HKLM\...\{79992AEE-6F58-4DAB-97D0-ADDF278F08F4}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2510 series Setup Guide (HKLM\...\{216C7F38-4BBC-4E9A-8392-C9FA21B54386}) (Version: 27.0.0 - Hewlett Packard)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP LaserJet P1500 series (HKLM\...\HP LaserJet P1500 series) (Version: - )
HP Officejet 6000 E609 Series (HKLM\...\{7791308C-85FB-43B9-93F2-7DE9CB7D5C4A}) (Version: 14.0 - HP)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPProductAssistant (Version: 140.0.213.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 140.0.212.000 - Hewlett-Packard) Hidden
iDeer Blu-ray Player (HKLM\...\iDeer Blu-ray Player) (Version: 1.3.3.1365 - iDeerApp Software Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2125 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version: - )
iTunes (HKLM\...\{F32DC846-4457-40A8-BECA-BCC0E960BC53}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 13 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217013F0}) (Version: 7.0.130 - Oracle)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java(TM) 6 Update 13 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216013FF}) (Version: 6.0.130 - Sun Microsystems, Inc.)
JMicron Ethernet Adapter NDIS Driver (HKLM\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.23.4 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.)
magicJack (HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\magicJack) (Version: 4.1.7574.5297 - magicJack L.P.)
MagiCSS Live CSS Editor (HKLM\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version: - ) <==== ATTENTION
Malwarebytes Anti-Malware version 2.00.0.1000 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
MarketResearch (Version: 140.0.214.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version: - Microsoft)
Microsoft Office Visio Professional 2007 (HKLM\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 (KB971118) (HKLM\...\Microsoft Report Viewer Redistributable 2008 (KB971118)) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mobile Partner (HKLM\...\Mobile Partner) (Version: 21.005.22.01.894 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyLanViewer version 4.12.0 (HKLM\...\{2D933C82-63E9-4640-A1EF-08E38F0CF4C2}_is1) (Version: 4.12.0 - S.K. Software)
Nero 8 (HKLM\...\{5FCCD531-1B38-4A94-924C-127F722F1033}) (Version: 8.2.89 - Nero AG)
Network (Version: 140.0.215.000 - Hewlett-Packard) Hidden
nLite 1.4.9.3 (HKLM\...\nLite_is1) (Version: 1.4.9.3 - Dino Nuhagic (nuhi))
Nuclear Coffee - VideoGet (HKLM\...\VideoGet_is1) (Version: 2011 - Nuclear Coffee)
ProductContext (Version: 140.0.000.000 - Hewlett-Packard) Hidden
QuickTime (HKLM\...\{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}) (Version: 7.66.71.0 - Apple Inc.)
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SketchUp 2014 (HKLM\...\{F246092E-FA0B-47C8-9D3E-CF8C210293C8}) (Version: 14.1.1282 - Trimble Navigation Limited)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SmartWebPrinting (Version: 140.0.213.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 140.0.214.000 - Hewlett-Packard) Hidden
Status (Version: 140.0.256.000 - Hewlett-Packard) Hidden
Syncios version 4.1.2 (HKLM\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 4.1.2 - Anvsoft, Inc.)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.38843 - TeamViewer)
TELIKOM PNG EVDO Modem 1.2 (HKLM\...\TELIKOM PNG EVDO Modem - TELIKOM PNG EVDO Modem_is1) (Version: - )
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
Tixati (HKLM\...\tixati) (Version: - )
Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (Version: 140.0.213.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
Vimicro USB2.0 UVC PC Camera (HKLM\...\{71A51A91-E7D3-11DB-A386-005056C00008}) (Version: 2009.03.18 - Vimicro Corp.)
VLC media player 1.1.4 (HKLM\...\VLC media player) (Version: 1.1.4 - VideoLAN)
VNC Enterprise Edition E4.4.3 (HKLM\...\RealVNC_is1) (Version: E4.4.3 (r16583) - RealVNC Ltd.)
VNC Mirror Driver 1.8.0 (HKLM\...\VNCMirror_is1) (Version: 1.8.0 - RealVNC Ltd.)
WeatherBug Alert (HKLM\...\{7426428E-71D4-452C-BA13-B14E5EB52859}) (Version: 1.3.0.1 - AWS Convergence Technologies)
WebReg (Version: 140.0.213.017 - Hewlett-Packard) Hidden
webXvid Codec (HKLM\...\webXvid Codec) (Version: 3.6 - webXvid)
Who Is On My Wifi version 2.1.9 (HKLM\...\{010D45A1-093D-4534-8147-4E10E80F81CC}_is1) (Version: 2.1.9 - IO3O LLC)
Win7codecs (HKLM\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 2.6.6 - Shark007)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (02/25/2010 6.2.0.9419) (HKLM\...\9B930C353B70A8D589052B35FD6D22DF019FA7A4) (Version: 02/25/2010 6.2.0.9419 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (01/19/2010 6.2.0.1417) (HKLM\...\745D2949D37D22B578F30B5527277D1FB8BB0709) (Version: 01/19/2010 6.2.0.1417 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0) (HKLM\...\B5C82F3814F82FB37F1513B3185399BD88892B08) (Version: 07/29/2009 6.1.7100.0 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
Wireless Console 3 (HKLM\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)
Wondershare Video Converter Ultimate(Build 7.0.0.3) (HKLM\...\Wondershare Video Converter Ultimate_is1) (Version: 7.0.0.3 - Wondershare Software)
WordWeb (HKLM\...\WordWeb) (Version: 6 - WordWeb Software)
Xilisoft Video Converter Ultimate (HKLM\...\Xilisoft Video Converter Ultimate) (Version: 7.8.1.20140505 - Xilisoft)
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\cadettesam\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\cadettesam\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\cadettesam\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\cadettesam\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{2A2A689C-21B5-4EF4-8DAB-11C244ABCC7A}\InprocServer32 -> 42494E41525953545245414D0300000003000000560A0E0DE70073EF03CA4EB5B5C3BBEBE6D3854C53B851108CC6F832D5C4 (the data entry has 10 more characters).
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\cadettesam\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{46EE58BF-5326-4789-8CE2-7AC44E01F05B}\InprocServer32 -> C:\Users\cadettesam\AppData\Local\Easy Download Manager\Catcher.dll ()
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\cadettesam\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\cadettesam\AppData\Local\Google\Chrome\Application\39.0.2171.99\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\cadettesam\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\cadettesam\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\cadettesam\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\cadettesam\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\cadettesam\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\cadettesam\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\cadettesam\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\cadettesam\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\cadettesam\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\CADETT~1\AppData\Local\Temp\d9cc6.exe No File
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cadettesam\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cadettesam\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cadettesam\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cadettesam\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cadettesam\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cadettesam\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cadettesam\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cadettesam\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-01-20 15:03 - 2015-02-19 02:32 - 00001512 _RASH C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
107.181.187.25 www.google-analytics.com.
107.181.187.25 google-analytics.com.
107.181.187.25 connect.facebook.net.
136.243.254.253 www.google-analytics.com.
136.243.254.253 google-analytics.com.
136.243.254.253 connect.facebook.net.
185.53.9.208 www.google-analytics.com.
185.53.9.208 google-analytics.com.
185.53.9.208 connect.facebook.net.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {14EC2802-8C57-4899-9724-E34188C0EDC5} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-03-10] ()
Task: {7EBFD97F-6234-43E3-964B-ABF81E4893BB} - System32\Tasks\ATKOSD2 => C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-18] (ASUS)
Task: {8961A90B-53CF-48A4-9205-585A08EC16F0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4226095529-3221385387-367272059-1001UA => C:\Users\cadettesam\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-01] (Google Inc.)
Task: {8B638F16-48A3-4001-8C26-9FB9F6376BF5} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {97F6777D-5726-498C-89F8-3E9ADC0E22F2} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4226095529-3221385387-367272059-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {9C5CC5BD-48AC-470F-997A-CFBDD542FB31} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4226095529-3221385387-367272059-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {BD3F9943-1C36-4D61-8620-BEC7E0B7E670} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-25] (Piriform Ltd)
Task: {C031E380-8BE4-41C7-B1CB-1DCAF6BE9047} - System32\Tasks\HPCustParticipation HP Deskjet 2510 series => C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {E37F3C35-C738-4C4E-9665-04447DC4F46F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4226095529-3221385387-367272059-1001Core => C:\Users\cadettesam\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-01] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4226095529-3221385387-367272059-1001Core.job => C:\Users\cadettesam\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4226095529-3221385387-367272059-1001UA.job => C:\Users\cadettesam\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-19 02:01 - 2015-02-19 02:01 - 01302528 ____N () C:\Users\cadettesam\AppData\Local\Aplqworks\jhqpaldxqizdk.dll
2015-02-19 02:01 - 2015-02-19 02:01 - 01285632 ____N () C:\Users\cadettesam\AppData\Local\Ujsmedia\ASMdatax216I.dll
2014-08-02 11:05 - 2014-03-17 23:32 - 00003132 _____ () C:\Program Files\DAEMON Tools Pro\MSIMG32.dll
2013-08-29 10:23 - 2013-08-29 10:23 - 01861968 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2013-08-29 10:25 - 2013-08-29 10:25 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2014-10-11 00:15 - 2013-07-24 09:24 - 00137728 _____ () C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2013-05-12 12:44 - 2009-08-20 13:59 - 00022736 ____N () C:\Program Files\WordWeb\WUCNT.dll
2010-01-10 13:18 - 2010-01-10 13:18 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 18:34 - 2010-01-21 18:34 - 08793952 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2012-05-21 17:56 - 2012-05-21 17:56 - 00196608 _____ () C:\Program Files\Genie9\Genie Backup Manager\GSLogging.dll
2012-05-21 17:57 - 2012-05-21 17:57 - 00196608 _____ () C:\Program Files\Genie9\Genie Backup Manager\gs_encryption.dll
2015-02-19 02:33 - 2013-09-04 22:18 - 00460288 _____ () C:\Program Files\IO3O LLC\Who Is On My Wifi\mywifi.exe
2015-02-19 02:33 - 2012-06-27 07:18 - 00839680 _____ () C:\Program Files\IO3O LLC\Who Is On My Wifi\System.Data.SQLite.dll
2013-10-23 15:12 - 2013-10-23 15:12 - 00095608 _____ () C:\Program Files\DivX\DivX Player\DPXIconHandler.dll
2013-01-31 05:56 - 2008-09-17 14:18 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
2014-01-09 05:52 - 2012-01-30 10:54 - 00408576 _____ () C:\Program Files\TeraCopy\TeraCopy.dll
2014-10-11 00:14 - 2013-08-07 14:31 - 00214528 _____ () C:\Windows\System32\WSCM32.dll
2014-01-09 05:52 - 2012-01-21 08:55 - 00427520 _____ () C:\Program Files\TeraCopy\TeraCopyExt.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:5A775C3F
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B
AlternateDataStreams: C:\Users\cadettesam\Downloads\Wifihackpassword__7934_il1153272 (1).exe:typelib
AlternateDataStreams: C:\Users\cadettesam\Downloads\Wifihackpassword__7934_il1153272.exe:typelib
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4226095529-3221385387-367272059-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\cadettesam\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-4226095529-3221385387-367272059-500 - Administrator - Disabled)
ASPNET (S-1-5-21-4226095529-3221385387-367272059-1005 - Limited - Enabled)
cadettesam1 (S-1-5-21-4226095529-3221385387-367272059-1001 - Administrator - Enabled) => C:\Users\cadettesam
carlo (S-1-5-21-4226095529-3221385387-367272059-1006 - Administrator - Enabled) => C:\Users\carlo
Guest (S-1-5-21-4226095529-3221385387-367272059-501 - Limited - Disabled)
itdept (S-1-5-21-4226095529-3221385387-367272059-1002 - Administrator - Enabled) => C:\Users\itdept
user0821 (S-1-5-21-4226095529-3221385387-367272059-1000 - Administrator - Enabled) => C:\Users\user0821
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/19/2015 03:37:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RunDll32.exe_HPStatusBL.dll, version: 6.1.7600.16385, time stamp: 0x4a5bc637
Faulting module name: jhqpaldxqizdk.dll_unloaded, version: 0.0.0.0, time stamp: 0x5474147e
Exception code: 0xc0000005
Fault offset: 0x03022404
Faulting process id: 0x658
Faulting application start time: 0xRunDll32.exe_HPStatusBL.dll0
Faulting application path: RunDll32.exe_HPStatusBL.dll1
Faulting module path: RunDll32.exe_HPStatusBL.dll2
Report Id: RunDll32.exe_HPStatusBL.dll3
Error: (02/19/2015 03:37:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RunDll32.exe_HPStatusBL.dll, version: 6.1.7600.16385, time stamp: 0x4a5bc637
Faulting module name: jhqpaldxqizdk.dll_unloaded, version: 0.0.0.0, time stamp: 0x5474147e
Exception code: 0xc0000005
Fault offset: 0x03022404
Faulting process id: 0x658
Faulting application start time: 0xRunDll32.exe_HPStatusBL.dll0
Faulting application path: RunDll32.exe_HPStatusBL.dll1
Faulting module path: RunDll32.exe_HPStatusBL.dll2
Report Id: RunDll32.exe_HPStatusBL.dll3
Error: (02/19/2015 03:37:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7
Faulting module name: jhqpaldxqizdk.dll_unloaded, version: 0.0.0.0, time stamp: 0x5474147e
Exception code: 0xc0000005
Fault offset: 0x10002404
Faulting process id: 0x3a48
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
Error: (02/19/2015 02:59:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7
Faulting module name: jhqpaldxqizdk.dll, version: 0.0.0.0, time stamp: 0x51eee94a
Exception code: 0xc0000005
Fault offset: 0x0000240e
Faulting process id: 0x3d94
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
Error: (02/19/2015 02:59:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7
Faulting module name: jhqpaldxqizdk.dll, version: 0.0.0.0, time stamp: 0x51eee94a
Exception code: 0xc0000005
Fault offset: 0x0000240e
Faulting process id: 0x3d94
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
Error: (02/19/2015 02:59:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc6b7
Faulting module name: jhqpaldxqizdk.dll, version: 0.0.0.0, time stamp: 0x51eee94a
Exception code: 0xc0000005
Fault offset: 0x0000240e
Faulting process id: 0x2518
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
Error: (02/19/2015 02:58:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17420, time stamp: 0x545ad233
Faulting module name: jhqpaldxqizdk.dll, version: 0.0.0.0, time stamp: 0x51eee94a
Exception code: 0xc0000005
Fault offset: 0x0000240e
Faulting process id: 0x1640
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Error: (02/19/2015 02:58:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc6b7
Faulting module name: jhqpaldxqizdk.dll, version: 0.0.0.0, time stamp: 0x51eee94a
Exception code: 0xc0000005
Fault offset: 0x0000240e
Faulting process id: 0x2518
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
Error: (02/19/2015 02:58:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17420, time stamp: 0x545ad233
Faulting module name: jhqpaldxqizdk.dll, version: 0.0.0.0, time stamp: 0x51eee94a
Exception code: 0xc0000005
Fault offset: 0x0000240e
Faulting process id: 0x1640
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Error: (02/19/2015 02:58:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc6b7
Faulting module name: jhqpaldxqizdk.dll, version: 0.0.0.0, time stamp: 0x51eee94a
Exception code: 0xc0000005
Fault offset: 0x0000240e
Faulting process id: 0x375c
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
System errors:
=============
Error: (02/19/2015 02:58:54 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (02/19/2015 02:54:50 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (02/19/2015 02:49:02 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (02/19/2015 02:48:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The DeviceManager service terminated unexpectedly. It has done this 1 time(s).
Error: (02/19/2015 02:45:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Volume Shadow Copy service failed to start due to the following error:
%%1053
Error: (02/19/2015 02:45:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy service to connect.
Error: (02/19/2015 02:45:48 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053VSS{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
Error: (02/19/2015 02:44:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HWDeviceService.exe service terminated unexpectedly. It has done this 1 time(s).
Error: (02/19/2015 02:37:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
Error: (02/19/2015 02:36:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Mobile Partner. OUC service failed to start due to the following error:
%%1053
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
Percentage of memory in use: 70%
Total physical RAM: 2988.56 MB
Available physical RAM: 880.43 MB
Total Pagefile: 5975.41 MB
Available Pagefile: 3738.16 MB
Total Virtual: 2047.88 MB
Available Virtual: 1899.63 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:116.34 GB) (Free:13.91 GB) NTFS
Drive d: (DATA) (Fixed) (Total:334.67 GB) (Free:144.87 GB) NTFS
Drive i: () (Fixed) (Total:7.45 GB) (Free:1.58 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 76692CA8)
Partition 1: (Not Active) - (Size=14.6 GB) - (Type=1C)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=116.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=334.7 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 5280614B)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B)
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-02-2015 01
Ran by cadettesam1 (administrator) on ITD-R on 19-02-2015 15:56:19
Running from C:\Users\cadettesam\Desktop\Bonus
Loaded Profiles: cadettesam1 (Available profiles: user0821 & cadettesam1 & itdept & carlo)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgcsrvx.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\ramaint.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(RealVNC Ltd.) C:\Program Files\RealVNC\VNC4\winvnc4.exe
(RealVNC Ltd.) C:\Program Files\RealVNC\VNC4\winvnc4.exe
(Software 2000 Limited) C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LogMeIn.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgcsrvx.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(ASUS) C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(WordWeb Software) C:\Program Files\WordWeb\wweb32.exe
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Genie-soft) C:\Program Files\Genie9\Genie Backup Manager\GBMAgent.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe
() C:\Program Files\IO3O LLC\Who Is On My Wifi\mywifi.exe
(Nero AG) C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-08] (ASUS)
HKLM\...\Run: [HControlUser] => C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-20] (ASUS)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-20] ()
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [548744 2010-06-11] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Wireless Console 3] => C:\Program Files\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] ()
HKLM\...\Run: [AVG_TRAY] => C:\Program Files\AVG\AVG2012\avgtray.exe [2598520 2012-11-20] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2010-03-18] (Apple Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-22] (Microsoft Corporation)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [153136 2007-03-02] (Nero AG)
HKLM\...\Run: [NBKeyScan] => C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2213160 2007-12-04] (Nero AG)
HKLM\...\Run: [ModemListener] => C:\Program Files\DIGICEL USB Modem\ModemListener.exe [98304 2011-01-12] ()
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-24] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-24] (Adobe Systems Inc.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM\...\Run: [3G Modem Partner] => [X]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Run: [Syncios device service] => C:\Program Files\Syncios\SynciosDeviceService.exe [736768 2014-08-12] ()
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1980416 2013-12-18] (Wondershare)
HKLM\...\Run: [BrowserPlugInHelper] => C:\Program Files\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe [1962896 2014-03-17] ()
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [63048 2015-01-10] (LogMeIn, Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM Group Policy restriction on software: C:\Program Files\AVG <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVG\ <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVG\AVG2012 <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <===== ATTENTION
HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Run: [Google Update] => C:\Users\cadettesam\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-02-01] (Google Inc.)
HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Run: [WordWeb] => C:\Program Files\WordWeb\wweb32.exe [65216 2009-11-09] (WordWeb Software)
HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1688872 2007-12-14] (Nero AG)
HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3491264 2012-06-08] (Tonec Inc.)
HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20924064 2014-02-11] (Skype Technologies S.A.)
HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files\DAEMON Tools Pro\DTAgent.exe [3129560 2014-02-24] (Disc Soft Ltd)
HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Run: [GBMPro9Agent] => C:\Program Files\Genie9\Genie Backup Manager\GBMAgent.exe [189528 2012-05-30] (Genie-soft)
HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Run: [Ocqics] => C:\Windows\System32\regsvr32.exe C:\Users\cadettesam\AppData\Local\Aplqworks\jhqpaldxqizdk.dll
HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Run: [Ujsmedia] => regsvr32.exe C:\Users\cadettesam\AppData\Local\Ujsmedia\ASMdatax216I.dll <===== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut4_E9C83B3EDF9141A39DA5EC05C79BBB91.exe (Acresso Software Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Who Is On My Wifi.lnk
ShortcutTarget: Who Is On My Wifi.lnk -> C:\Program Files\IO3O LLC\Who Is On My Wifi\mywifi.exe ()
Startup: C:\Users\cadettesam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\cadettesam\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\cadettesam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 2510 series.lnk
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 2510 series.lnk -> C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll (Tonec Inc.)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-4226095529-3221385387-367272059-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
BHO: Wondershare Video Converter Ultimate -> {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} -> C:\Program Files\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll (Wondershare Software Co., Ltd.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{0E1C4EBC-E8FD-4E24-8B73-4FA1363A7624}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{3EFD0729-1EA4-48DF-9710-5C3C7693D1B3}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{A1E00E91-C164-4175-B8E2-5F25522BDADF}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{BCDBD7C7-810F-4031-94A6-79BC8176D845}: [NameServer] 8.8.8.8,8.8.8.8
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\cadettesam\AppData\Roaming\Mozilla\Firefox\Profiles\s6zigvb5.default
FF Homepage: user_pref("browser.startup.homepage", "about:home"about:home);
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-4226095529-3221385387-367272059-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\cadettesam\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-4226095529-3221385387-367272059-1001: @tools.google.com/Google Update;version=3 -> C:\Users\cadettesam\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-4226095529-3221385387-367272059-1001: @tools.google.com/Google Update;version=9 -> C:\Users\cadettesam\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG2012\Firefox4
FF Extension: AVG Safe Search - C:\Program Files\AVG\AVG2012\Firefox4 [2013-02-01]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-11-20]
FF HKLM\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files\Wondershare\Video Converter Ultimate\SVRFirefoxExt
FF Extension: Wondershare Video Converter Ultimate - C:\Program Files\Wondershare\Video Converter Ultimate\SVRFirefoxExt [2014-10-11]
FF HKLM\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack
FF Extension: AVG Do Not Track - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack [2013-03-28]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-02-12]
FF HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\cadettesam\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\cadettesam\AppData\Roaming\IDM\idmmzcc5 [2014-01-20]
FF HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\cadettesam\AppData\Roaming\IDM\idmmzcc5
FF Extension: No Name - C:\Users\cadettesam\AppData\Roaming\Mozilla\Firefox\Profiles\s6zigvb5.default\extensions\faststartff@gmail.com [Not Found]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-02-01]
CHR Extension: (Google Drive) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-02-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-04]
CHR Extension: (YouTube) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-01]
CHR Extension: (Google Cast) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-04-26]
CHR Extension: (Wondershare Video Converter Ultimate) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\chgdeabpmphfhkoemjjglmilajldekbp [2014-10-11]
CHR Extension: (Google Search) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-01]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2013-11-20]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2014-03-19]
CHR Extension: (MagiCSS Live CSS Editor) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifhikkcafabcgolfjegfcgloomalapol [2015-01-18]
CHR Extension: (internet download manager) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcjgpgnbamgphpplmjomihaabchfoab [2013-12-30]
CHR Extension: (Skype Click to Call) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-12-28]
CHR Extension: (Google Wallet) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-11]
CHR Extension: (Gmail) - C:\Users\cadettesam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-01]
CHR HKLM\...\Chrome\Extension: [chgdeabpmphfhkoemjjglmilajldekbp] - C:\Program Files\Wondershare\Video Converter Ultimate\SVRChromePlugin.crx [2014-10-11]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-24]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
StartMenuInternet: Google Chrome - C:\Users\user0821\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AFBAgent; C:\Windows\system32\FBAgent.exe [303744 2009-12-08] (ASUSTeK Computer Inc.)
R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [84536 2009-06-16] (ASUS)
R2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2009-12-16] (ASUS)
R2 avgfws; C:\Program Files\AVG\AVG2012\avgfws.exe [2322000 2014-11-04] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [5175856 2013-10-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S2 DeviceManager; C:\Program Files\Common Files\DeviceHelper\DeviceManager.exe [40960 2010-08-28] () [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2013-05-03] (Flexera Software, Inc.)
S2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-15] ()
R2 LMS; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-10-01] (Intel Corporation) [File not signed]
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation)
S2 Mobile Partner. RunOuc; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [655712 2013-10-18] ()
S3 MozillaMaintenance; C:\Program Files\Mozilla Maintenance Service\maintenanceservice_tmp.exe [114288 2014-09-24] (Mozilla Foundation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2009-05-14] (Hewlett-Packard) [File not signed]
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-10] (TeamViewer GmbH)
R2 UNS; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-10-01] (Intel Corporation) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WinVNC4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2164088 2008-10-14] (RealVNC Ltd.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASMMAP; C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [13880 2009-07-03] (ASUS)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [47968 2011-05-23] (AVG Technologies CZ, s.r.o.)
R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [142176 2012-12-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfilterx.sys [24144 2011-12-24] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [24896 2012-04-19] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [17232 2011-12-24] (AVG Technologies CZ, s.r.o. )
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [250080 2012-11-08] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [41040 2011-12-24] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [31952 2012-01-31] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [302368 2014-11-04] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-08-21] (AVG Technologies)
S3 CT_QUALCOMM_U_drv; C:\Windows\System32\DRIVERS\CT_QUALCOMM_U_drv.sys [103552 2009-04-28] (QUALCOMM Incorporated)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-08-22] (Disc Soft Ltd)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [102912 2010-07-22] (ELAN Microelectronic Corp.)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [95616 2013-10-18] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27520 2013-10-18] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [195072 2013-10-18] (Huawei Technologies Co., Ltd.)
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [105344 2010-08-28] (TCT International Mobile Ltd)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-03-05] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [14392 2009-05-14] (ASUS)
S3 NetVMini; C:\Windows\System32\DRIVERS\netvmini.sys [18104 2012-01-05] (Microsoft Corporation)
S3 PSSDK42; C:\Windows\system32\Drivers\pssdk42.sys [38976 2013-12-07] (microOLAP Technologies LTD)
S3 RusRouteMP; C:\Windows\System32\DRIVERS\rusroute.sys [48824 2012-01-05] (MaaSoftware http://www.maasoftware.ru, http://www.maasoftware.com)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-02-19] ()
S3 U2SP; C:\Windows\System32\DRIVERS\u2s2kxp.sys [23296 2004-05-05] (Magic Control Technology Corp.)
S3 VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [252416 2009-05-26] (Vimicro Corporation)
R3 vncmirror; C:\Windows\System32\DRIVERS\vncmirror.sys [4608 2012-05-30] (RealVNC Ltd.)
S3 vvftUVC; C:\Windows\System32\drivers\vvftUVC.sys [398720 2008-07-02] (Vimicro Corporation)
U3 catchme; \??\C:\Users\CADETT~1\AppData\Local\Temp\catchme.sys [X]
S3 CT_EVDO_U_USBSER; system32\DRIVERS\CT_EVDO_U_USBSER.sys [X]
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [102784 2013-10-18] (Huawei Technologies Co., Ltd.)
S4 LMIRfsClientNP; No ImagePath
U5 RusRoute; C:\Windows\System32\Drivers\RusRoute.sys [48824 2012-01-05] (MaaSoftware http://www.maasoftware.ru, http://www.maasoftware.com)
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
U3 mbr; \??\C:\ComboFix\mbr.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-19 15:48 - 2015-02-19 15:56 - 00000000 ____D () C:\FRST
2015-02-19 14:45 - 2011-06-26 16:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-19 14:45 - 2010-11-08 03:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-19 14:45 - 2009-04-20 14:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-19 14:45 - 2000-08-31 10:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-19 14:45 - 2000-08-31 10:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-19 14:45 - 2000-08-31 10:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-19 14:45 - 2000-08-31 10:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-19 14:45 - 2000-08-31 10:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-19 14:44 - 2015-02-19 15:24 - 00000000 ___SD () C:\ComboFix
2015-02-19 14:44 - 2015-02-19 14:44 - 00000000 ____D () C:\Windows\erdnt
2015-02-19 14:44 - 2015-02-19 14:44 - 00000000 ____D () C:\Qoobox
2015-02-19 14:30 - 2015-02-19 14:34 - 00000000 ____D () C:\AdwCleaner
2015-02-19 13:08 - 2015-02-19 15:37 - 00000000 ____D () C:\Users\cadettesam\AppData\Local\CrashDumps
2015-02-19 13:06 - 2015-02-19 15:33 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-02-19 13:06 - 2015-02-19 13:06 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-02-19 13:01 - 2015-02-19 14:36 - 00001890 _____ () C:\Windows\PFRO.log
2015-02-19 12:08 - 2015-02-19 14:36 - 00001132 _____ () C:\Windows\setupact.log
2015-02-19 12:08 - 2015-02-19 12:08 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-19 02:34 - 2015-02-19 13:01 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\Yvsu
2015-02-19 02:34 - 2015-02-19 02:37 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\Evzyyx
2015-02-19 02:33 - 2015-02-19 02:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Who Is On My Wifi
2015-02-19 02:32 - 2015-02-19 02:32 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2015-02-19 02:20 - 2015-02-19 02:20 - 01054720 _____ () C:\Users\cadettesam\Downloads\Who.Is.On.My.Wifi.3.0.2.rar.exe
2015-02-19 02:12 - 2015-02-19 02:12 - 00034308 _____ () C:\Windows\system32\bassmod.dll
2015-02-19 02:01 - 2015-02-19 02:01 - 00000000 ____D () C:\Users\cadettesam\AppData\Local\Ujsmedia
2015-02-19 02:01 - 2015-02-19 02:01 - 00000000 ____D () C:\Users\cadettesam\AppData\Local\Aplqworks
2015-02-19 01:59 - 2015-02-19 15:51 - 00000000 ____D () C:\wifidata
2015-02-19 01:59 - 2015-02-19 01:59 - 00000000 ____D () C:\Program Files\IO3O LLC
2015-02-19 01:57 - 2015-02-19 01:57 - 00079324 _____ () C:\Users\cadettesam\Downloads\[4allprograms.net]_KG & SN_WOMW.rar
2015-02-19 01:57 - 2014-10-06 15:36 - 00000000 ____D () C:\Users\cadettesam\Downloads\[4allprograms.net]_KG & SN_WOMW
2015-02-19 01:54 - 2015-02-19 01:54 - 00015863 _____ () C:\Users\cadettesam\Downloads\Who Is On My Wifi (1).torrent
2015-02-19 01:50 - 2015-02-19 02:01 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\Local Store
2015-02-19 01:47 - 2015-02-19 01:48 - 05438001 _____ () C:\Users\cadettesam\Downloads\Who Is On My Wifi Ultimate Edition 2.1.9 (FULL + Keygen).zip
2015-02-19 01:40 - 2015-02-19 01:40 - 00015857 _____ () C:\Users\cadettesam\Downloads\Who Is On My Wifi.torrent
2015-02-18 23:24 - 2015-02-18 23:24 - 00000027 _____ () C:\Users\cadettesam\Documents\Netgear admin.txt
2015-02-18 23:15 - 2015-02-18 23:15 - 00065560 _____ () C:\Users\cadettesam\Downloads\NETGEAR_WNR3500.cfg
2015-02-17 23:23 - 2015-02-17 23:23 - 00001203 _____ () C:\Users\cadettesam\Desktop\Cisco Packet Tracer Student.lnk
2015-02-17 23:23 - 2015-02-17 23:23 - 00000186 _____ () C:\Users\cadettesam\.packettracer
2015-02-17 23:23 - 2015-02-17 23:23 - 00000000 ____D () C:\Users\cadettesam\Cisco Packet Tracer 6.1sv
2015-02-17 23:23 - 2015-02-17 23:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Packet Tracer Student
2015-02-17 23:21 - 2015-02-17 23:23 - 00000000 ____D () C:\Program Files\Cisco Packet Tracer 6.1sv
2015-02-17 22:40 - 2015-02-17 22:40 - 00012520 _____ () C:\Users\cadettesam\Downloads\[buhaypirata.net]YouCam_5.torrent
2015-02-17 22:20 - 2015-02-17 22:20 - 00001968 _____ () C:\Users\cadettesam\Downloads\Make_Windows_Xp_Genuine_Forever_(100%).torrent
2015-02-17 22:18 - 2015-02-17 22:18 - 00003101 _____ () C:\Users\cadettesam\Downloads\[buhaypirata.net]HiddenDesktop.torrent
2015-02-17 11:20 - 2015-02-17 11:22 - 00000000 ____D () C:\CCProxy
2015-02-17 11:20 - 2015-02-17 11:20 - 00000590 _____ () C:\Users\cadettesam\Desktop\CCProxy.lnk
2015-02-17 11:20 - 2015-02-17 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCProxy
2015-02-17 11:17 - 2015-02-17 11:17 - 00001344 _____ () C:\Users\cadettesam\Downloads\B5A224BF19F06F830E178B6D258A1DF6DC686530.torrent
2015-02-17 11:00 - 2015-02-17 11:00 - 00001669 _____ () C:\Users\cadettesam\Desktop\CCProxy 8.0 Full Keygen.lnk
2015-02-17 11:00 - 2015-02-17 11:00 - 00000000 ____D () C:\ProgramData\{f97c4e77-120d-d1c3-f97c-c4e7712039dc}
2015-02-17 10:06 - 2015-02-17 11:07 - 00000000 ____D () C:\ProgramData\{04cbf7f3-af58-34c5-04cb-bf7f3af5dfce}
2015-02-17 10:03 - 2015-02-17 11:19 - 00000000 ____D () C:\Users\cadettesam\Desktop\New folder
2015-02-14 09:22 - 2015-02-14 09:22 - 00000000 ____D () C:\Users\carlo\AppData\Roaming\Syncios
2015-02-14 09:22 - 2015-02-14 09:22 - 00000000 ____D () C:\Users\carlo\AppData\Roaming\DAEMON Tools Pro
2015-02-14 09:22 - 2015-02-14 09:22 - 00000000 ____D () C:\Users\carlo\AppData\Local\Wondershare
2015-02-14 09:22 - 2015-02-14 09:22 - 00000000 ____D () C:\Users\carlo\AppData\Local\LogMeIn
2015-02-12 09:18 - 2015-02-12 09:23 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\HP
2015-02-12 09:18 - 2015-02-12 09:18 - 00000000 ____D () C:\ProgramData\WEBREG
2015-02-12 09:17 - 2015-02-12 09:17 - 00001106 _____ () C:\Users\cadettesam\AppData\Roaming\ConvAPIPlugin.log
2015-02-12 09:12 - 2015-02-12 09:12 - 00001279 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2015-02-12 09:12 - 2015-02-12 09:12 - 00001273 _____ () C:\Users\Public\Desktop\HP Solution Center.lnk
2015-02-12 09:12 - 2015-02-12 09:12 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2015-02-12 09:09 - 2010-05-14 14:56 - 00125440 _____ (Hewlett-Packard Company) C:\Windows\system32\hpf3l02t.dll
2015-02-12 09:07 - 2015-02-12 09:17 - 00223007 _____ () C:\Windows\hpwins24.dat
2015-02-12 09:07 - 2015-02-12 09:17 - 00000880 _____ () C:\ProgramData\hpzinstall.log
2015-02-12 09:07 - 2010-07-30 21:04 - 00001758 ____N () C:\Windows\hpwmdl24.dat
2015-02-12 09:07 - 2010-05-13 20:29 - 00372736 _____ (Hewlett Packard) C:\Windows\system32\hppldcoi.dll
2015-02-12 09:07 - 2010-04-26 18:52 - 00454504 _____ (Hewlett-Packard) C:\Windows\system32\hpzids01.dll
2015-02-10 00:35 - 2015-02-14 22:42 - 00000929 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-02-10 00:35 - 2015-02-14 22:42 - 00000917 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-02-09 23:59 - 2015-02-10 00:22 - 00000000 ___RD () C:\Users\cadettesam\Dropbox
2015-02-09 23:59 - 2015-02-09 23:59 - 00001102 _____ () C:\Users\cadettesam\Desktop\Dropbox.lnk
2015-02-09 23:56 - 2015-02-09 23:56 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-09 23:49 - 2015-02-09 23:59 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\Dropbox
2015-02-09 23:49 - 2015-02-09 23:49 - 00355528 _____ (Dropbox, Inc.) C:\Users\cadettesam\Downloads\DropboxInstaller.exe
2015-02-09 23:43 - 2015-02-09 23:43 - 00010595 _____ () C:\Users\cadettesam\Downloads\[limetorrents.cc]TeamViewer.10.0.36897...Corporate.Crack.[KaranPC].torrent
2015-02-09 22:25 - 2015-02-09 22:25 - 02291847 _____ () C:\Users\cadettesam\Downloads\Odin_v3.09.zip
2015-02-08 00:35 - 2015-02-08 00:35 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2015-02-08 00:35 - 2015-02-08 00:35 - 00000000 ____D () C:\Users\cadettesam\Documents\SelfMV
2015-02-08 00:35 - 2015-02-08 00:35 - 00000000 ____D () C:\Users\cadettesam\Documents\samsung
2015-02-08 00:31 - 2015-02-08 00:31 - 00017258 _____ () C:\Users\cadettesam\Downloads\[buhaypirata.net]Rise_of_the_Legend_2014_WEBRip_[buhaypirata.net].torrent
2015-02-08 00:28 - 2015-02-08 00:28 - 00001915 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2015-02-08 00:28 - 2015-02-08 00:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-02-08 00:25 - 2014-10-13 15:57 - 00184192 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2015-02-08 00:25 - 2014-10-13 15:57 - 00089856 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2015-02-08 00:23 - 2015-02-08 00:35 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\Samsung
2015-02-08 00:23 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\system32\secman.dll
2015-02-08 00:21 - 2015-02-08 00:21 - 00015984 _____ () C:\Users\cadettesam\Downloads\[buhaypirata.net]Kubot_The_Aswang_Chronicles_2_(2014)_[cubeme].torrent
2015-02-05 22:25 - 2015-02-05 22:25 - 00000000 ____D () C:\Users\cadettesam\AppData\Local\tjnet
2015-02-05 12:40 - 2015-02-05 12:45 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\mjusbsp
2015-02-05 12:40 - 2015-02-05 12:40 - 00001070 _____ () C:\Users\cadettesam\Desktop\magicJack.lnk
2015-02-05 12:40 - 2015-02-05 12:40 - 00001056 _____ () C:\Users\cadettesam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\magicJack.lnk
2015-02-05 12:40 - 2015-02-05 12:40 - 00000000 ____D () C:\ProgramData\magicJack
2015-02-05 12:10 - 2015-02-05 12:40 - 00000000 ____D () C:\Users\cadettesam\AppData\Local\magicJack
2015-02-04 00:08 - 2015-02-04 00:08 - 00122280 _____ () C:\Users\cadettesam\Downloads\FLVPlayer-Chrome_a.exe
2015-02-02 21:49 - 2015-02-19 14:36 - 00000974 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2015-02-02 21:41 - 2015-02-19 14:36 - 00000958 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2015-02-02 21:41 - 2015-02-02 21:49 - 00000000 ____D () C:\Program Files\LogMeIn
2015-02-02 21:41 - 2015-02-02 21:41 - 00001024 _____ () C:\.rnd
2015-02-02 21:41 - 2015-01-10 10:46 - 00086912 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll
2015-02-02 21:41 - 2015-01-10 10:45 - 00085864 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll
2015-02-02 21:41 - 2015-01-10 10:45 - 00031592 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll
2015-02-02 21:41 - 2015-01-10 10:38 - 00047640 _____ (LogMeIn, Inc.) C:\Windows\system32\Drivers\LMIRfsDriver.sys
2015-02-02 21:41 - 2015-01-10 10:38 - 00025248 _____ (LogMeIn, Inc.) C:\Windows\system32\lmimirr.dll
2015-02-02 21:41 - 2015-01-10 10:38 - 00011552 _____ (LogMeIn, Inc.) C:\Windows\system32\lmimirr2.dll
2015-02-02 21:41 - 2015-01-10 10:38 - 00010144 _____ (LogMeIn, Inc.) C:\Windows\system32\Drivers\lmimirr.sys
2015-02-02 21:36 - 2015-02-19 11:52 - 00000000 ____D () C:\ProgramData\LogMeIn
2015-02-02 21:36 - 2015-02-02 21:36 - 00000000 ____D () C:\Users\cadettesam\AppData\Local\LogMeIn
2015-02-02 21:34 - 2015-02-02 21:35 - 00000000 ____D () C:\LMI
2015-02-02 21:26 - 2015-02-02 21:32 - 33947125 _____ () C:\Users\cadettesam\Downloads\logmein.zip
2015-02-02 21:22 - 2015-02-02 21:22 - 00041448 _____ () C:\Users\cadettesam\Documents\cc_20150202_212213.reg
2015-02-02 19:02 - 2015-02-02 19:07 - 27684864 _____ () C:\Users\cadettesam\Downloads\LogMeIn (1).msi
2015-02-02 18:54 - 2015-02-02 18:58 - 27684864 _____ () C:\Users\cadettesam\Downloads\LogMeIn.msi
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-19 15:56 - 2013-10-26 18:24 - 00000000 ____D () C:\Users\cadettesam\Desktop\Bonus
2015-02-19 15:40 - 2013-02-01 05:30 - 00000930 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4226095529-3221385387-367272059-1001UA.job
2015-02-19 15:14 - 2013-02-01 04:20 - 00000000 ____D () C:\Windows\system32\Drivers\AVG
2015-02-19 14:57 - 2013-01-31 04:41 - 01846612 _____ () C:\Windows\WindowsUpdate.log
2015-02-19 14:56 - 2014-09-09 21:20 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-19 14:44 - 2013-12-30 15:47 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\DMCache
2015-02-19 14:41 - 2009-07-14 14:34 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-19 14:41 - 2009-07-14 14:34 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-19 14:38 - 2013-12-27 14:43 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\Skype
2015-02-19 14:36 - 2015-01-18 21:21 - 00000704 __RSH () C:\ProgramData\ntuser.pol
2015-02-19 14:36 - 2013-03-10 12:46 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job
2015-02-19 14:36 - 2009-07-14 14:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-19 14:34 - 2013-02-01 03:44 - 00000000 ____D () C:\Users\cadettesam
2015-02-19 13:39 - 2013-12-20 10:09 - 00000000 ____D () C:\Program Files\TeamViewer
2015-02-19 13:06 - 2010-11-21 07:01 - 00796550 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-19 12:41 - 2014-09-09 21:19 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-19 12:41 - 2014-09-09 21:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-19 12:41 - 2014-09-09 21:19 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-02-19 11:54 - 2013-12-30 15:47 - 00000000 ____D () C:\Users\cadettesam\Downloads\Compressed
2015-02-19 11:52 - 2014-01-20 15:16 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\IDM
2015-02-19 11:17 - 2013-01-31 06:01 - 00003828 _____ () C:\Windows\system32\AutoRunFilter.ini
2015-02-19 02:37 - 2013-11-21 13:25 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\tixati
2015-02-19 01:58 - 2013-11-10 12:19 - 00000000 ____D () C:\Users\cadettesam\Desktop\ED Lapiz
2015-02-18 22:17 - 2013-02-01 05:30 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4226095529-3221385387-367272059-1001Core.job
2015-02-17 23:32 - 2013-05-21 02:20 - 00000000 ____D () C:\Users\cadettesam\Documents\My Downloaded Video
2015-02-17 22:38 - 2013-12-30 15:47 - 00000000 ____D () C:\Users\cadettesam\Downloads\Video
2015-02-17 09:05 - 2014-08-22 12:08 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2015-02-16 22:04 - 2013-02-01 09:33 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\vlc
2015-02-16 21:49 - 2014-01-01 12:43 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\HpUpdate
2015-02-14 12:24 - 2014-04-17 20:04 - 00000000 ____D () C:\Users\carlo\AppData\Roaming\DMCache
2015-02-14 11:56 - 2013-12-30 15:04 - 00001516 _____ () C:\Users\carlo\Desktop\Google Chrome.lnk
2015-02-14 09:24 - 2013-11-18 04:51 - 00000000 ____D () C:\Users\carlo\AppData\Local\AVG Secure Search
2015-02-14 09:22 - 2013-11-18 04:50 - 00110840 _____ () C:\Users\carlo\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-12 18:52 - 2009-07-14 14:33 - 03761496 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 09:19 - 2013-02-01 03:44 - 00110840 _____ () C:\Users\cadettesam\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-12 09:17 - 2014-01-01 12:42 - 00000000 ____D () C:\ProgramData\HP
2015-02-12 09:17 - 2013-07-09 05:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-02-12 09:13 - 2013-07-09 05:07 - 00000000 ____D () C:\Program Files\HP
2015-02-10 12:03 - 2013-06-12 15:44 - 00000000 ____D () C:\Users\cadettesam\Desktop\Odin
2015-02-10 00:35 - 2013-03-16 19:20 - 00000000 ____D () C:\Users\cadettesam\AppData\Roaming\TeamViewer
2015-02-09 18:21 - 2013-02-14 08:33 - 00107520 _____ () C:\Users\cadettesam\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-09 17:58 - 2009-07-14 14:53 - 00032556 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-08 00:35 - 2013-06-12 15:17 - 00000000 ____D () C:\ProgramData\Samsung
2015-02-08 00:23 - 2013-06-12 15:18 - 00000000 ____D () C:\Program Files\SAMSUNG
2015-02-08 00:23 - 2013-01-31 06:27 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-02-02 21:20 - 2014-10-11 00:14 - 00000000 ____D () C:\ProgramData\Wondershare Video Converter Ultimate
2015-02-02 21:19 - 2013-02-04 06:13 - 00000000 ____D () C:\Windows\Minidump
==================== Files in the root of some directories =======
2013-09-10 09:08 - 2013-09-10 09:08 - 0000421 _____ () C:\Program Files\Connections_incoming.txt
2013-08-23 07:56 - 2013-08-23 07:56 - 0021053 _____ () C:\Program Files\CopyRights.txt
2013-06-07 02:24 - 2013-06-07 02:24 - 0032432 _____ () C:\Program Files\License.txt
2013-09-03 10:29 - 2013-09-03 10:29 - 12614496 _____ (TeamViewer GmbH) C:\Program Files\TeamViewer.exe
2013-09-16 03:25 - 2013-09-16 03:25 - 0501906 _____ () C:\Program Files\TeamViewer8_Logfile.log
2013-09-03 10:29 - 2013-09-03 10:29 - 4536160 _____ (TeamViewer GmbH) C:\Program Files\TeamViewer_Desktop.exe
2013-09-03 10:29 - 2013-09-03 10:29 - 0314208 _____ (TeamViewer GmbH) C:\Program Files\TeamViewer_Resource_ar.dll
2013-09-03 10:29 - 2013-09-03 10:29 - 0328032 _____ (TeamViewer GmbH) C:\Program Files\TeamViewer_Resource_en.dll
2013-09-03 10:29 - 2013-09-03 10:29 - 5071712 _____ (TeamViewer GmbH) C:\Program Files\TeamViewer_Service.exe
2013-09-03 10:29 - 2013-09-03 10:29 - 3031904 _____ (TeamViewer GmbH) C:\Program Files\TeamViewer_StaticRes.dll
2013-09-06 14:33 - 2013-09-06 14:33 - 0000049 _____ () C:\Program Files\tvinfo.ini
2013-09-03 10:20 - 2013-09-03 10:20 - 0095584 _____ (TeamViewer GmbH) C:\Program Files\tv_w32.dll
2013-09-03 10:20 - 2013-09-03 10:20 - 0195936 _____ (TeamViewer GmbH) C:\Program Files\tv_w32.exe
2013-09-03 10:20 - 2013-09-03 10:20 - 0114528 _____ (TeamViewer GmbH) C:\Program Files\tv_x64.dll
2013-09-03 10:20 - 2013-09-03 10:20 - 0232800 _____ (TeamViewer GmbH) C:\Program Files\tv_x64.exe
2014-04-30 12:03 - 2014-04-30 12:03 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files\Common Files\atimpenc.dll
2013-11-21 10:22 - 2004-07-31 02:56 - 0090112 _____ () C:\Program Files\Common Files\PCSBclean.exe
2013-11-21 10:22 - 2004-07-27 08:30 - 0291840 _____ () C:\Program Files\Common Files\PCSBoff.exe
2014-01-01 14:03 - 2014-01-01 15:33 - 0000132 _____ () C:\Users\cadettesam\AppData\Roaming\Adobe PNG Format CS5 Prefs
2010-11-26 01:45 - 2010-11-26 01:45 - 0208200 _____ () C:\Users\cadettesam\AppData\Roaming\BtvStack.dll
2015-02-12 09:17 - 2015-02-12 09:17 - 0001106 _____ () C:\Users\cadettesam\AppData\Roaming\ConvAPIPlugin.log
2013-02-14 08:33 - 2015-02-09 18:21 - 0107520 _____ () C:\Users\cadettesam\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-01 12:41 - 2014-01-01 12:41 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-02-12 09:07 - 2015-02-12 09:17 - 0000880 _____ () C:\ProgramData\hpzinstall.log
2013-05-11 05:15 - 2013-05-11 05:15 - 0000147 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some content of TEMP:
====================
C:\Users\cadettesam\AppData\Local\Temp\catchme.dll
C:\Users\cadettesam\AppData\Local\Temp\dllnt_dump.dll
C:\Users\user0821\AppData\Local\Temp\avguidx.dll
C:\Users\user0821\AppData\Local\Temp\CommonInstaller.exe
C:\Users\user0821\AppData\Local\Temp\iGearedHelper.dll
C:\Users\user0821\AppData\Local\Temp\lowproc.exe
C:\Users\user0821\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\user0821\AppData\Local\Temp\stubhelper.dll
C:\Users\user0821\AppData\Local\Temp\ToolbarInstaller.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-13 23:30
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-02-2015 01
Ran by cadettesam1 at 2015-02-19 15:49:51
Running from C:\Users\cadettesam\Desktop\Bonus
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG Internet Security 2012 (Enabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: AVG Internet Security 2012 (Enabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Internet Security 2012 (Enabled) {621CC794-9486-F902-D092-0484E8EA828B}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 6.1.2 - Hewlett-Packard) Hidden
6000E609_eDocs (Version: 1.00.0000 - Hewlett-Packard) Hidden
6000E609_Help (Version: 1.00.0000 - Hewlett-Packard) Hidden
6000E609a (Version: 140.0.000.000 - Hewlett-Packard) Hidden
Adobe Acrobat XI Pro (HKLM\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C0CC75CD-F5B7-46AD-B016-17C0F5171718}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
ATK Package (HKLM\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0007 - ASUS)
AVG 2012 (HKLM\...\AVG) (Version: 2012.1.2249 - AVG Technologies)
AVG 2012 (Version: 12.0.4257 - AVG Technologies) Hidden
AVG 2012 (Version: 12.1.2249 - AVG Technologies) Hidden
BELKIN F5U109 (HKLM\...\{16115E10-502B-4EA0-BD39-4DA329AD89E2}) (Version: 2.01 - Belkin Components)
Belltech Business Card Designer Pro 5.4 (HKLM\...\Belltech Business Card Designer Pro 5.4_is1) (Version: 5.4.0.0 - Belltech Systems)
BPDSoftware (Version: 140.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (Version: 140.0.213.000 - Hewlett-Packard) Hidden
Cambium Networks LINKPlanner version 3.4.0 (HKLM\...\Cambium PTP Link Planner_is1) (Version: - Cambium Networks)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
CCProxy 8.0 (HKLM\...\CCProxy_is1) (Version: - Youngzsoft, Inc.)
ChromecastApp (HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)
Cisco Packet Tracer 6.1 Student (HKLM\...\Cisco Packet Tracer 6.1 Student_is1) (Version: - Cisco Systems, Inc.)
Command & Conquer Generals (HKLM\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts)
Command & Conquer Generals (Version: 0.50.0000 - Electronic Arts) Hidden
Command and ConquerTM Generals Zero Hour (HKLM\...\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts)
Command and ConquerTM Generals Zero Hour (Version: 1.00.0000 - Electronic Arts) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.111.0.63 - Conexant)
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 5.5.0.0388 - Disc Soft Ltd)
DeviceDiscovery (Version: 140.0.213.000 - Hewlett-Packard) Hidden
DIGICEL USB Modem (HKLM\...\DIGICEL USB Modem_is1) (Version: - )
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)
Dropbox (HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Dropbox) (Version: 3.2.3 - Dropbox, Inc.)
DSLR Remote Pro (HKLM\...\{0143BC25-D431-44bf-85EA-082CA5EA851D}) (Version: v2.2 - Breeze Systems Ltd)
Easy Download Manager (HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Easy Download Manager) (Version: - )
EasyNP2 version 56.2.0.38 (HKLM\...\{45D0CE08-14DE-4F94-AE24-6151BBE6FA90}_is1) (Version: 56.2.0.38 - EasyNP2, Inc.)
ERALink v4.1.0 (HKLM\...\ERALink v4.1.0) (Version: - )
ETDWare PS/2-x86 7.0.5.13_WHQL (HKLM\...\Elantech) (Version: 7.0.5.13 - ELAN Microelectronics Corp.)
F3_ActiveX_1.0.0.1 (HKLM\...\{C61B1BD6-1B74-499B-8CC1-AEB4F7BDD878}_is1) (Version: 1.0.0.1 - )
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.5 - ASUS)
File Scavenger 3.0 (HKLM\...\File Scavenger V3_is1) (Version: - )
Genie Backup Manager (HKLM\...\Genie Backup Manager) (Version: 9.0 - Genie9)
Google Chrome (HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Earth (HKLM\...\{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}) (Version: 7.0.3.8542 - Google)
Google Update Helper (Version: 1.3.23.0 - BonanzaDeals) Hidden <==== ATTENTION
GPBaseService2 (Version: 140.0.212.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet 2510 series Basic Device Software (HKLM\...\{867988FA-BCE7-46E9-A7E8-DC084A843319}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2510 series Help (HKLM\...\{234DADAD-3C3C-4FB1-90A4-0AF015D56E18}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 2510 series Product Improvement Study (HKLM\...\{79992AEE-6F58-4DAB-97D0-ADDF278F08F4}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2510 series Setup Guide (HKLM\...\{216C7F38-4BBC-4E9A-8392-C9FA21B54386}) (Version: 27.0.0 - Hewlett Packard)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP LaserJet P1500 series (HKLM\...\HP LaserJet P1500 series) (Version: - )
HP Officejet 6000 E609 Series (HKLM\...\{7791308C-85FB-43B9-93F2-7DE9CB7D5C4A}) (Version: 14.0 - HP)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPProductAssistant (Version: 140.0.213.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 140.0.212.000 - Hewlett-Packard) Hidden
iDeer Blu-ray Player (HKLM\...\iDeer Blu-ray Player) (Version: 1.3.3.1365 - iDeerApp Software Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2125 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version: - )
iTunes (HKLM\...\{F32DC846-4457-40A8-BECA-BCC0E960BC53}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 13 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217013F0}) (Version: 7.0.130 - Oracle)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java(TM) 6 Update 13 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216013FF}) (Version: 6.0.130 - Sun Microsystems, Inc.)
JMicron Ethernet Adapter NDIS Driver (HKLM\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.23.4 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.)
magicJack (HKU\S-1-5-21-4226095529-3221385387-367272059-1001\...\magicJack) (Version: 4.1.7574.5297 - magicJack L.P.)
MagiCSS Live CSS Editor (HKLM\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version: - ) <==== ATTENTION
Malwarebytes Anti-Malware version 2.00.0.1000 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
MarketResearch (Version: 140.0.214.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version: - Microsoft)
Microsoft Office Visio Professional 2007 (HKLM\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 (KB971118) (HKLM\...\Microsoft Report Viewer Redistributable 2008 (KB971118)) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mobile Partner (HKLM\...\Mobile Partner) (Version: 21.005.22.01.894 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyLanViewer version 4.12.0 (HKLM\...\{2D933C82-63E9-4640-A1EF-08E38F0CF4C2}_is1) (Version: 4.12.0 - S.K. Software)
Nero 8 (HKLM\...\{5FCCD531-1B38-4A94-924C-127F722F1033}) (Version: 8.2.89 - Nero AG)
Network (Version: 140.0.215.000 - Hewlett-Packard) Hidden
nLite 1.4.9.3 (HKLM\...\nLite_is1) (Version: 1.4.9.3 - Dino Nuhagic (nuhi))
Nuclear Coffee - VideoGet (HKLM\...\VideoGet_is1) (Version: 2011 - Nuclear Coffee)
ProductContext (Version: 140.0.000.000 - Hewlett-Packard) Hidden
QuickTime (HKLM\...\{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}) (Version: 7.66.71.0 - Apple Inc.)
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.15013.17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SketchUp 2014 (HKLM\...\{F246092E-FA0B-47C8-9D3E-CF8C210293C8}) (Version: 14.1.1282 - Trimble Navigation Limited)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SmartWebPrinting (Version: 140.0.213.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 140.0.214.000 - Hewlett-Packard) Hidden
Status (Version: 140.0.256.000 - Hewlett-Packard) Hidden
Syncios version 4.1.2 (HKLM\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 4.1.2 - Anvsoft, Inc.)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.38843 - TeamViewer)
TELIKOM PNG EVDO Modem 1.2 (HKLM\...\TELIKOM PNG EVDO Modem - TELIKOM PNG EVDO Modem_is1) (Version: - )
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
Tixati (HKLM\...\tixati) (Version: - )
Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (Version: 140.0.213.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
Vimicro USB2.0 UVC PC Camera (HKLM\...\{71A51A91-E7D3-11DB-A386-005056C00008}) (Version: 2009.03.18 - Vimicro Corp.)
VLC media player 1.1.4 (HKLM\...\VLC media player) (Version: 1.1.4 - VideoLAN)
VNC Enterprise Edition E4.4.3 (HKLM\...\RealVNC_is1) (Version: E4.4.3 (r16583) - RealVNC Ltd.)
VNC Mirror Driver 1.8.0 (HKLM\...\VNCMirror_is1) (Version: 1.8.0 - RealVNC Ltd.)
WeatherBug Alert (HKLM\...\{7426428E-71D4-452C-BA13-B14E5EB52859}) (Version: 1.3.0.1 - AWS Convergence Technologies)
WebReg (Version: 140.0.213.017 - Hewlett-Packard) Hidden
webXvid Codec (HKLM\...\webXvid Codec) (Version: 3.6 - webXvid)
Who Is On My Wifi version 2.1.9 (HKLM\...\{010D45A1-093D-4534-8147-4E10E80F81CC}_is1) (Version: 2.1.9 - IO3O LLC)
Win7codecs (HKLM\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 2.6.6 - Shark007)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (02/25/2010 6.2.0.9419) (HKLM\...\9B930C353B70A8D589052B35FD6D22DF019FA7A4) (Version: 02/25/2010 6.2.0.9419 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (01/19/2010 6.2.0.1417) (HKLM\...\745D2949D37D22B578F30B5527277D1FB8BB0709) (Version: 01/19/2010 6.2.0.1417 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0) (HKLM\...\B5C82F3814F82FB37F1513B3185399BD88892B08) (Version: 07/29/2009 6.1.7100.0 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
Wireless Console 3 (HKLM\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)
Wondershare Video Converter Ultimate(Build 7.0.0.3) (HKLM\...\Wondershare Video Converter Ultimate_is1) (Version: 7.0.0.3 - Wondershare Software)
WordWeb (HKLM\...\WordWeb) (Version: 6 - WordWeb Software)
Xilisoft Video Converter Ultimate (HKLM\...\Xilisoft Video Converter Ultimate) (Version: 7.8.1.20140505 - Xilisoft)
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\cadettesam\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\cadettesam\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\cadettesam\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\cadettesam\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{2A2A689C-21B5-4EF4-8DAB-11C244ABCC7A}\InprocServer32 -> 42494E41525953545245414D0300000003000000560A0E0DE70073EF03CA4EB5B5C3BBEBE6D3854C53B851108CC6F832D5C4 (the data entry has 10 more characters).
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\cadettesam\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{46EE58BF-5326-4789-8CE2-7AC44E01F05B}\InprocServer32 -> C:\Users\cadettesam\AppData\Local\Easy Download Manager\Catcher.dll ()
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\cadettesam\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\cadettesam\AppData\Local\Google\Chrome\Application\39.0.2171.99\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\cadettesam\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\cadettesam\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\cadettesam\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\cadettesam\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\cadettesam\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\cadettesam\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\cadettesam\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\cadettesam\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\cadettesam\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\CADETT~1\AppData\Local\Temp\d9cc6.exe No File
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cadettesam\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cadettesam\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cadettesam\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cadettesam\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cadettesam\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cadettesam\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cadettesam\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4226095529-3221385387-367272059-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cadettesam\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-01-20 15:03 - 2015-02-19 02:32 - 00001512 _RASH C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
107.181.187.25 www.google-analytics.com.
107.181.187.25 google-analytics.com.
107.181.187.25 connect.facebook.net.
136.243.254.253 www.google-analytics.com.
136.243.254.253 google-analytics.com.
136.243.254.253 connect.facebook.net.
185.53.9.208 www.google-analytics.com.
185.53.9.208 google-analytics.com.
185.53.9.208 connect.facebook.net.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {14EC2802-8C57-4899-9724-E34188C0EDC5} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-03-10] ()
Task: {7EBFD97F-6234-43E3-964B-ABF81E4893BB} - System32\Tasks\ATKOSD2 => C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-18] (ASUS)
Task: {8961A90B-53CF-48A4-9205-585A08EC16F0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4226095529-3221385387-367272059-1001UA => C:\Users\cadettesam\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-01] (Google Inc.)
Task: {8B638F16-48A3-4001-8C26-9FB9F6376BF5} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {97F6777D-5726-498C-89F8-3E9ADC0E22F2} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4226095529-3221385387-367272059-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {9C5CC5BD-48AC-470F-997A-CFBDD542FB31} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4226095529-3221385387-367272059-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {BD3F9943-1C36-4D61-8620-BEC7E0B7E670} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-25] (Piriform Ltd)
Task: {C031E380-8BE4-41C7-B1CB-1DCAF6BE9047} - System32\Tasks\HPCustParticipation HP Deskjet 2510 series => C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {E37F3C35-C738-4C4E-9665-04447DC4F46F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4226095529-3221385387-367272059-1001Core => C:\Users\cadettesam\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-01] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4226095529-3221385387-367272059-1001Core.job => C:\Users\cadettesam\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4226095529-3221385387-367272059-1001UA.job => C:\Users\cadettesam\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-19 02:01 - 2015-02-19 02:01 - 01302528 ____N () C:\Users\cadettesam\AppData\Local\Aplqworks\jhqpaldxqizdk.dll
2015-02-19 02:01 - 2015-02-19 02:01 - 01285632 ____N () C:\Users\cadettesam\AppData\Local\Ujsmedia\ASMdatax216I.dll
2014-08-02 11:05 - 2014-03-17 23:32 - 00003132 _____ () C:\Program Files\DAEMON Tools Pro\MSIMG32.dll
2013-08-29 10:23 - 2013-08-29 10:23 - 01861968 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2013-08-29 10:25 - 2013-08-29 10:25 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2014-10-11 00:15 - 2013-07-24 09:24 - 00137728 _____ () C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2013-05-12 12:44 - 2009-08-20 13:59 - 00022736 ____N () C:\Program Files\WordWeb\WUCNT.dll
2010-01-10 13:18 - 2010-01-10 13:18 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 18:34 - 2010-01-21 18:34 - 08793952 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2012-05-21 17:56 - 2012-05-21 17:56 - 00196608 _____ () C:\Program Files\Genie9\Genie Backup Manager\GSLogging.dll
2012-05-21 17:57 - 2012-05-21 17:57 - 00196608 _____ () C:\Program Files\Genie9\Genie Backup Manager\gs_encryption.dll
2015-02-19 02:33 - 2013-09-04 22:18 - 00460288 _____ () C:\Program Files\IO3O LLC\Who Is On My Wifi\mywifi.exe
2015-02-19 02:33 - 2012-06-27 07:18 - 00839680 _____ () C:\Program Files\IO3O LLC\Who Is On My Wifi\System.Data.SQLite.dll
2013-10-23 15:12 - 2013-10-23 15:12 - 00095608 _____ () C:\Program Files\DivX\DivX Player\DPXIconHandler.dll
2013-01-31 05:56 - 2008-09-17 14:18 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
2014-01-09 05:52 - 2012-01-30 10:54 - 00408576 _____ () C:\Program Files\TeraCopy\TeraCopy.dll
2014-10-11 00:14 - 2013-08-07 14:31 - 00214528 _____ () C:\Windows\System32\WSCM32.dll
2014-01-09 05:52 - 2012-01-21 08:55 - 00427520 _____ () C:\Program Files\TeraCopy\TeraCopyExt.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:5A775C3F
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B
AlternateDataStreams: C:\Users\cadettesam\Downloads\Wifihackpassword__7934_il1153272 (1).exe:typelib
AlternateDataStreams: C:\Users\cadettesam\Downloads\Wifihackpassword__7934_il1153272.exe:typelib
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4226095529-3221385387-367272059-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\cadettesam\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-4226095529-3221385387-367272059-500 - Administrator - Disabled)
ASPNET (S-1-5-21-4226095529-3221385387-367272059-1005 - Limited - Enabled)
cadettesam1 (S-1-5-21-4226095529-3221385387-367272059-1001 - Administrator - Enabled) => C:\Users\cadettesam
carlo (S-1-5-21-4226095529-3221385387-367272059-1006 - Administrator - Enabled) => C:\Users\carlo
Guest (S-1-5-21-4226095529-3221385387-367272059-501 - Limited - Disabled)
itdept (S-1-5-21-4226095529-3221385387-367272059-1002 - Administrator - Enabled) => C:\Users\itdept
user0821 (S-1-5-21-4226095529-3221385387-367272059-1000 - Administrator - Enabled) => C:\Users\user0821
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/19/2015 03:37:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RunDll32.exe_HPStatusBL.dll, version: 6.1.7600.16385, time stamp: 0x4a5bc637
Faulting module name: jhqpaldxqizdk.dll_unloaded, version: 0.0.0.0, time stamp: 0x5474147e
Exception code: 0xc0000005
Fault offset: 0x03022404
Faulting process id: 0x658
Faulting application start time: 0xRunDll32.exe_HPStatusBL.dll0
Faulting application path: RunDll32.exe_HPStatusBL.dll1
Faulting module path: RunDll32.exe_HPStatusBL.dll2
Report Id: RunDll32.exe_HPStatusBL.dll3
Error: (02/19/2015 03:37:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RunDll32.exe_HPStatusBL.dll, version: 6.1.7600.16385, time stamp: 0x4a5bc637
Faulting module name: jhqpaldxqizdk.dll_unloaded, version: 0.0.0.0, time stamp: 0x5474147e
Exception code: 0xc0000005
Fault offset: 0x03022404
Faulting process id: 0x658
Faulting application start time: 0xRunDll32.exe_HPStatusBL.dll0
Faulting application path: RunDll32.exe_HPStatusBL.dll1
Faulting module path: RunDll32.exe_HPStatusBL.dll2
Report Id: RunDll32.exe_HPStatusBL.dll3
Error: (02/19/2015 03:37:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7
Faulting module name: jhqpaldxqizdk.dll_unloaded, version: 0.0.0.0, time stamp: 0x5474147e
Exception code: 0xc0000005
Fault offset: 0x10002404
Faulting process id: 0x3a48
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
Error: (02/19/2015 02:59:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7
Faulting module name: jhqpaldxqizdk.dll, version: 0.0.0.0, time stamp: 0x51eee94a
Exception code: 0xc0000005
Fault offset: 0x0000240e
Faulting process id: 0x3d94
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
Error: (02/19/2015 02:59:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7
Faulting module name: jhqpaldxqizdk.dll, version: 0.0.0.0, time stamp: 0x51eee94a
Exception code: 0xc0000005
Fault offset: 0x0000240e
Faulting process id: 0x3d94
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
Error: (02/19/2015 02:59:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc6b7
Faulting module name: jhqpaldxqizdk.dll, version: 0.0.0.0, time stamp: 0x51eee94a
Exception code: 0xc0000005
Fault offset: 0x0000240e
Faulting process id: 0x2518
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
Error: (02/19/2015 02:58:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17420, time stamp: 0x545ad233
Faulting module name: jhqpaldxqizdk.dll, version: 0.0.0.0, time stamp: 0x51eee94a
Exception code: 0xc0000005
Fault offset: 0x0000240e
Faulting process id: 0x1640
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Error: (02/19/2015 02:58:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc6b7
Faulting module name: jhqpaldxqizdk.dll, version: 0.0.0.0, time stamp: 0x51eee94a
Exception code: 0xc0000005
Fault offset: 0x0000240e
Faulting process id: 0x2518
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
Error: (02/19/2015 02:58:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17420, time stamp: 0x545ad233
Faulting module name: jhqpaldxqizdk.dll, version: 0.0.0.0, time stamp: 0x51eee94a
Exception code: 0xc0000005
Fault offset: 0x0000240e
Faulting process id: 0x1640
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Error: (02/19/2015 02:58:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DllHost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc6b7
Faulting module name: jhqpaldxqizdk.dll, version: 0.0.0.0, time stamp: 0x51eee94a
Exception code: 0xc0000005
Fault offset: 0x0000240e
Faulting process id: 0x375c
Faulting application start time: 0xDllHost.exe0
Faulting application path: DllHost.exe1
Faulting module path: DllHost.exe2
Report Id: DllHost.exe3
System errors:
=============
Error: (02/19/2015 02:58:54 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (02/19/2015 02:54:50 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (02/19/2015 02:49:02 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
Error: (02/19/2015 02:48:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The DeviceManager service terminated unexpectedly. It has done this 1 time(s).
Error: (02/19/2015 02:45:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Volume Shadow Copy service failed to start due to the following error:
%%1053
Error: (02/19/2015 02:45:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy service to connect.
Error: (02/19/2015 02:45:48 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053VSS{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
Error: (02/19/2015 02:44:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HWDeviceService.exe service terminated unexpectedly. It has done this 1 time(s).
Error: (02/19/2015 02:37:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
Error: (02/19/2015 02:36:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Mobile Partner. OUC service failed to start due to the following error:
%%1053
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
Percentage of memory in use: 70%
Total physical RAM: 2988.56 MB
Available physical RAM: 880.43 MB
Total Pagefile: 5975.41 MB
Available Pagefile: 3738.16 MB
Total Virtual: 2047.88 MB
Available Virtual: 1899.63 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:116.34 GB) (Free:13.91 GB) NTFS
Drive d: (DATA) (Fixed) (Total:334.67 GB) (Free:144.87 GB) NTFS
Drive i: () (Fixed) (Total:7.45 GB) (Free:1.58 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 76692CA8)
Partition 1: (Not Active) - (Size=14.6 GB) - (Type=1C)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=116.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=334.7 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 5280614B)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B)
==================== End Of Log ============================