1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

hijack this log - Help

Discussion in 'Windows - Virus and spyware problems' started by Shaz, Dec 16, 2014.

  1. Shaz

    Shaz Newbie

    Joined:
    Dec 16, 2014
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 01:01:54 AM, on 17/12/2014
    Platform: Unknown Windows (WinNT 6.02.1008)
    MSIE: Internet Explorer v11.0 (11.00.9600.17416)


    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe
    c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
    C:\Users\Shaz\AppData\Roaming\uTorrent\uTorrent.exe
    C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Users\Shaz\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
    O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll
    O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\IPS\IPSBHO.DLL
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll
    O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
    O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
    O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    O4 - HKCU\..\Run: [uTorrent] "C:\Users\Shaz\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
    O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
    O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
    O4 - HKCU\..\RunOnce: [Application Restart #3] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --restore-last-session http://en.v9.com/?utm_source=b&utm_...KX-60U6AA0_WD-WCC2EFD2387923879&ts=1384722058
    O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1418636675
    O4 - Startup: Dropbox.lnk = ?
    O4 - Startup: Logitech Touch Mouse Server.lnk = C:\Program Files (x86)\Logitech Touch Mouse Server\iTouch-Server-Win.exe
    O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: BlackBerry Device Manager - Research In Motion Limited - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
    O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
    O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
    O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
    O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
    O23 - Service: Mobile Broadband HL Service - Unknown owner - C:\ProgramData\MobileBrServ\mbbservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
    O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
    O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\ccSvcHst.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
    O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
    O23 - Service: SurfEasy Service (SurfEasyVPN) - Unknown owner - C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 14672 bytes
     
  2. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,691
    Likes Received:
    35
    Trophy Points:
    78
    Hi Shaz, is there a question in there somewhere???

    HJT is no longer a viable program for checking a computer, it's too outdated. Only shows IE browser and does not work well with 64bit.

    If you need help with a malware or ?? then do the following:

    [​IMG] Scan with Farbar Recovery Scan Tool

    Please download Farbar Recovery Scan Tool x64 and save it to your Desktop.
    • Right-click on [​IMG] icon and select [​IMG] Run as Administrator to start the tool.
      (XP users click run after receipt of Windows Security Warning - Open File).
    • When the tool opens click Yes to disclaimer.
    • Make sure that Addition option is checked.
    • Press Scan button and wait.
    • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
    Please attach both logs to your next reply.

    2oG
     
  3. Shaz

    Shaz Newbie

    Joined:
    Dec 16, 2014
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Hi 2OldGeek,

    Thanks for your reply.
    I forgot to put in my question.
    And it's been a long time since I used this forum.
    Yes, I do have virus issues and I'm not sure what kind (most probably malware).
     
  4. Shaz

    Shaz Newbie

    Joined:
    Dec 16, 2014
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    FIRST
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2014 01
    Ran by Shaz (administrator) on SHAZ-PC on 17-12-2014 13:25:51
    Running from C:\Users\Shaz\Downloads
    Loaded Profile: Shaz (Available profiles: Shaz)
    Platform: Windows 8.1 Single Language (X64) OS Language: English (United Kingdom)
    Internet Explorer Version 11
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    () C:\ProgramData\MobileBrServ\mbbService.exe
    (Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
    () C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
    (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (BitTorrent Inc.) C:\Users\Shaz\AppData\Roaming\uTorrent\uTorrent.exe
    (Microsoft Corporation) C:\Windows\System32\StikyNot.exe
    (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
    (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Logitech, Inc.) C:\Program Files (x86)\Logitech Touch Mouse Server\iTouch-Server-Win.exe
    (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
    (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7174728 2013-09-20] (Realtek Semiconductor)
    HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2013-02-01] (CyberLink)
    HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167488 2013-02-01] (CyberLink Corp.)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2013-09-09] (Research In Motion Limited)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
    HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2014-10-08] (Power Software Ltd)
    HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
    HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
    Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-3020595468-3366376769-3838502134-1002\...\Run: [uTorrent] => C:\Users\Shaz\AppData\Roaming\uTorrent\uTorrent.exe [1287504 2014-06-06] (BitTorrent Inc.)
    HKU\S-1-5-21-3020595468-3366376769-3838502134-1002\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [457728 2013-09-30] (Microsoft Corporation)
    HKU\S-1-5-21-3020595468-3366376769-3838502134-1002\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
    HKU\S-1-5-21-3020595468-3366376769-3838502134-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
    HKU\S-1-5-21-3020595468-3366376769-3838502134-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30524520 2014-11-27] (Skype Technologies S.A.)
    HKU\S-1-5-21-3020595468-3366376769-3838502134-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
    HKU\S-1-5-21-3020595468-3366376769-3838502134-1002\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [717696 2010-01-16] (Microsoft Corporation)
    HKU\S-1-5-21-3020595468-3366376769-3838502134-1002\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859976 2014-03-15] (Google Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
    Startup: C:\Users\Shaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Users\Shaz\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    Startup: C:\Users\Shaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Touch Mouse Server.lnk
    ShortcutTarget: Logitech Touch Mouse Server.lnk -> C:\Program Files (x86)\Logitech Touch Mouse Server\iTouch-Server-Win.exe (Logitech, Inc.)
    ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Shaz\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Shaz\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Shaz\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Shaz\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
    ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Shaz\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Shaz\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Shaz\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
    HKU\S-1-5-21-3020595468-3366376769-3838502134-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    SearchScopes: HKLM -> {A956A86D-2CF9-4B40-89E4-A8F49957C23F} URL = http://www.amazon.co.uk/s/ref=azs_o...ode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM-x32 -> {A956A86D-2CF9-4B40-89E4-A8F49957C23F} URL = http://www.amazon.co.uk/s/ref=azs_o...ode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKU\S-1-5-21-3020595468-3366376769-3838502134-1002 -> {8B94E9D5-D99B-4B3D-A8FB-52E2EABC6F89} URL = http://search.conduit.com/ResultsEx...4&ctid=CT3289075&CUI=UN42551612993223420&UM=1
    SearchScopes: HKU\S-1-5-21-3020595468-3366376769-3838502134-1002 -> {A956A86D-2CF9-4B40-89E4-A8F49957C23F} URL = http://www.amazon.co.uk/s/ref=azs_o...ode=qs&index=aps&field-keywords={searchTerms}
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
    BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
    BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation)
    BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\IPS\IPSBHO.DLL (Symantec Corporation)
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
    Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation)
    Toolbar: HKU\S-1-5-21-3020595468-3366376769-3838502134-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
    Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

    FireFox:
    ========
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @rim.com/npappworld -> C:\Program Files (x86)\Research In Motion Limited\BlackBerry World Browser Plugin\npappworld.dll ()
    FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
    FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-3020595468-3366376769-3838502134-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Shaz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF Plugin HKU\S-1-5-21-3020595468-3366376769-3838502134-1002: anvisoft.com/AdblockPlugin -> C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll No File
    FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF
    FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF [2013-10-09]
    FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn
    FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn [2014-12-12]

    Chrome:
    =======
    CHR dev: Chrome dev build detected! <======= ATTENTION
    CHR Profile: C:\Users\Shaz\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Drive) - C:\Users\Shaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-09]
    CHR Extension: (Norton Security Toolbar) - C:\Users\Shaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc [2014-05-16]
    CHR Extension: (McAfee Security Scan+) - C:\Users\Shaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-04-23]
    CHR Extension: (Star Wars: The Old Republic (Fan Theme)) - C:\Users\Shaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnlhhmadgnolonjjlcaeppdkpllmaip [2014-04-23]
    CHR Extension: (ZenMate) - C:\Users\Shaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-10-27]
    CHR Extension: (pRicEechoop) - C:\Users\Shaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\idmmmgielpgijojoakofogkilkjfplia [2014-09-06]
    CHR Extension: (Skype Click to Call) - C:\Users\Shaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-08-09]
    CHR Extension: (Google Wallet) - C:\Users\Shaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-12]
    CHR HKU\S-1-5-21-3020595468-3366376769-3838502134-1002\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Shaz\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-09-06]
    CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\Exts\Chrome.crx [2014-05-02]
    CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
    CHR HKLM-x32\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2013-09-09] (Research In Motion Limited) [File not signed]
    R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
    R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
    R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
    R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
    S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-30] (Intel Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-03-30] (Intel Corporation)
    R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
    S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
    R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [232288 2012-04-09] ()
    R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-09-20] (Realtek Semiconductor)
    R2 SurfEasyVPN; C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe [3272376 2014-12-03] ()
    S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-11-18] (Microsoft Corporation)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
    S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
    S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
    R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20131101.003\BHDrvx64.sys [1524824 2013-10-23] (Symantec Corporation)
    R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1406000.01B\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
    R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
    R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-09-12] (Symantec Corporation)
    R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-09-12] (Symantec Corporation)
    R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20131111.002\IDSvia64.sys [521816 2013-10-28] (Symantec Corporation)
    R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-17] (Malwarebytes Corporation)
    R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
    R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-03-30] (Intel Corporation)
    S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20131112.002\ENG64.SYS [126040 2013-09-12] (Symantec Corporation)
    S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20131112.002\EX64.SYS [2099288 2013-09-12] (Symantec Corporation)
    R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2512016 2014-06-13] (MediaTek Inc.)
    S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-06-27] (Research In Motion Limited)
    R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
    S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1405000.01C\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
    R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1406000.01B\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
    R0 SymDS; C:\Windows\System32\drivers\NISx64\1406000.01B\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
    R0 SymEFA; C:\Windows\System32\drivers\NISx64\1406000.01B\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
    S4 SymELAM; C:\Windows\system32\drivers\NISx64\1406000.01B\SymELAM.sys [23448 2012-06-21] (Symantec Corporation)
    R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-09-13] (Symantec Corporation)
    R1 SymIRON; C:\Windows\system32\drivers\NISx64\1406000.01B\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
    R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1405000.01C\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
    R3 tapse01; C:\Windows\system32\DRIVERS\tapse01.sys [26624 2014-08-26] (The OpenVPN Project)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-12-17 13:25 - 2014-12-17 13:26 - 00027205 _____ () C:\Users\Shaz\Downloads\FRST.txt
    2014-12-17 13:25 - 2014-12-17 13:25 - 00000000 ____D () C:\FRST
    2014-12-17 13:23 - 2014-12-17 13:24 - 02119168 _____ (Farbar) C:\Users\Shaz\Downloads\FRST64.exe
    2014-12-17 01:00 - 2014-12-17 01:01 - 00014674 _____ () C:\Users\Shaz\Downloads\hijackthis.log
    2014-12-17 01:00 - 2014-12-17 01:00 - 00388608 _____ (Trend Micro Inc.) C:\Users\Shaz\Downloads\HijackThis.exe
    2014-12-16 14:06 - 2014-10-31 03:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
    2014-12-16 14:06 - 2014-10-31 03:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
    2014-12-12 09:54 - 2014-12-12 09:54 - 00000000 ____D () C:\WINDOWS\system32\appraiser
    2014-12-11 13:55 - 2014-11-10 07:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
    2014-12-11 13:55 - 2014-11-10 06:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
    2014-12-11 13:55 - 2014-10-31 04:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
    2014-12-11 13:55 - 2014-10-31 04:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
    2014-12-11 13:43 - 2014-12-04 04:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
    2014-12-11 13:43 - 2014-12-04 04:09 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2014-12-11 13:43 - 2014-12-03 04:09 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2014-12-11 13:43 - 2014-12-03 04:09 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2014-12-11 13:43 - 2014-12-03 04:09 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2014-12-11 13:43 - 2014-12-03 04:09 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2014-12-11 13:43 - 2014-12-03 04:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
    2014-12-11 13:43 - 2014-11-07 09:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
    2014-12-11 13:43 - 2014-11-07 08:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
    2014-12-11 13:43 - 2014-11-01 04:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
    2014-12-11 13:43 - 2014-11-01 04:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
    2014-12-11 13:43 - 2014-10-13 07:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
    2014-12-11 13:43 - 2014-10-13 07:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
    2014-12-11 13:43 - 2014-10-13 07:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
    2014-12-11 13:43 - 2014-10-13 07:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
    2014-12-11 13:42 - 2014-11-22 08:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2014-12-11 13:42 - 2014-11-22 07:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2014-12-11 13:42 - 2014-11-22 07:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2014-12-11 13:42 - 2014-11-22 07:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
    2014-12-11 13:42 - 2014-11-22 07:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
    2014-12-11 13:42 - 2014-11-22 07:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2014-12-11 13:42 - 2014-11-22 07:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2014-12-11 13:42 - 2014-11-22 07:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2014-12-11 13:42 - 2014-11-22 07:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2014-12-11 13:42 - 2014-11-22 07:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2014-12-11 13:42 - 2014-11-22 07:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
    2014-12-11 13:42 - 2014-11-22 07:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
    2014-12-11 13:42 - 2014-11-22 07:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
    2014-12-11 13:42 - 2014-11-22 07:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
    2014-12-11 13:42 - 2014-11-22 07:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2014-12-11 13:42 - 2014-11-22 06:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
    2014-12-11 13:42 - 2014-11-22 06:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2014-12-11 13:42 - 2014-11-22 06:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
    2014-12-11 13:42 - 2014-11-22 06:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2014-12-11 13:42 - 2014-11-22 06:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2014-12-11 13:42 - 2014-11-22 06:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2014-12-11 13:42 - 2014-11-22 06:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2014-12-11 13:42 - 2014-11-22 06:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2014-12-11 13:42 - 2014-11-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
    2014-12-11 13:42 - 2014-11-22 06:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
    2014-12-11 13:42 - 2014-11-22 06:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
    2014-12-11 13:42 - 2014-11-22 06:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2014-12-11 13:42 - 2014-11-22 06:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
    2014-12-11 13:42 - 2014-11-22 06:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2014-12-11 13:42 - 2014-11-22 06:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
    2014-12-11 13:42 - 2014-11-22 06:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2014-12-11 13:42 - 2014-11-22 06:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2014-12-11 13:42 - 2014-11-22 06:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2014-12-11 13:42 - 2014-11-22 06:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2014-12-11 13:42 - 2014-11-22 06:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2014-12-11 13:42 - 2014-11-22 06:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2014-12-11 13:42 - 2014-11-22 06:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2014-12-11 13:42 - 2014-11-22 05:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2014-12-11 13:42 - 2014-11-22 05:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2014-12-11 01:56 - 2014-12-11 01:56 - 00000000 ____D () C:\Program Files (x86)\SurfEasy VPN
    2014-12-09 22:05 - 2014-12-09 22:05 - 00257543 _____ () C:\Users\Shaz\Downloads\Business Plan.pptx
    2014-12-09 19:43 - 2014-12-09 19:43 - 01080608 _____ (Unity Technologies ApS) C:\Users\Shaz\Downloads\UnityWebPlayer.exe
    2014-12-09 19:43 - 2014-12-09 19:43 - 00000000 ____D () C:\Users\Shaz\AppData\Local\Unity
    2014-12-05 18:14 - 2014-12-05 18:14 - 00094800 _____ () C:\Users\Shaz\Downloads\HTD-C550WWM-1008.1.zip
    2014-12-05 18:11 - 2014-12-05 18:11 - 03325614 _____ () C:\Users\Shaz\Downloads\HTD-C550WWB-1010.2 (1).zip
    2014-12-05 18:04 - 2014-12-05 18:04 - 00041353 _____ () C:\Users\Shaz\Downloads\C450_USB_Disk_2.zip
    2014-12-05 18:01 - 2014-12-05 18:01 - 00025578 _____ () C:\Users\Shaz\Downloads\C450_USB_Disk_1.zip
    2014-12-02 22:11 - 2014-12-02 22:11 - 00026185 _____ () C:\Users\Shaz\Downloads\hercules-english-yify-26869.zip
    2014-12-01 23:01 - 2014-12-01 23:01 - 00017187 _____ () C:\Users\Shaz\Downloads\4c79587abcb126484fd1af199cbc16516d1dc2fb.zip
    2014-12-01 21:04 - 2014-12-01 21:04 - 00008768 _____ () C:\Users\Shaz\Downloads\Teenage_Mutant_Ninja_Turtles_2014_720p.torrent
    2014-12-01 21:00 - 2014-12-01 21:00 - 00007527 _____ () C:\Users\Shaz\Downloads\Moms.Night.Out.2014.720p.BluRay.x264-[rarbg.com].torrent
    2014-12-01 02:23 - 2014-12-01 02:23 - 00853587 _____ () C:\Users\Shaz\Desktop\Partnership.pptx
    2014-12-01 01:42 - 2014-12-01 01:43 - 00040690 _____ () C:\Users\Shaz\Downloads\PARTNER SHIP (1).pptx
    2014-12-01 01:39 - 2014-12-01 01:39 - 00040690 _____ () C:\Users\Shaz\Downloads\PARTNER SHIP.pptx
    2014-11-28 23:59 - 2014-11-28 23:59 - 03325614 _____ () C:\Users\Shaz\Downloads\HTD-C550WWB-1010.2.zip
    2014-11-24 12:27 - 2014-12-16 22:59 - 01541876 _____ () C:\WINDOWS\WindowsUpdate.log
    2014-11-23 03:43 - 2014-11-23 04:01 - 144015416 _____ () C:\Users\Shaz\Downloads\InfiniteCrisis-GLOBAL_Setup.exe
    2014-11-19 20:17 - 2014-11-10 04:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2014-11-19 20:17 - 2014-11-10 04:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2014-11-19 20:17 - 2014-11-10 04:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
    2014-11-19 20:17 - 2014-11-10 04:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
    2014-11-17 02:36 - 2014-11-17 02:36 - 00015388 _____ () C:\Users\Shaz\Downloads\[kickass.to]tyrant.s01e04.hdtv.x264.killers.eztv.torrent

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-12-17 13:24 - 2013-09-12 14:22 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3020595468-3366376769-3838502134-1002
    2014-12-17 13:23 - 2013-09-12 17:44 - 00000000 ____D () C:\Users\Shaz\AppData\Roaming\uTorrent
    2014-12-17 13:16 - 2013-09-12 19:46 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2014-12-17 13:02 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\sru
    2014-12-17 12:53 - 2014-10-01 21:50 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2014-12-17 12:53 - 2013-10-01 12:38 - 00000000 ____D () C:\Users\Shaz\AppData\Roaming\Skype
    2014-12-17 09:45 - 2013-11-18 12:33 - 01157120 ___SH () C:\Users\Shaz\Desktop\Thumbs.db
    2014-12-17 07:38 - 2013-11-19 22:18 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F0CA53E1-2687-4B74-8EBD-3E0D88E9C220}
    2014-12-17 01:00 - 2013-09-12 14:15 - 00000000 ____D () C:\Users\Shaz\AppData\Local\VirtualStore
    2014-12-17 00:57 - 2013-09-12 16:22 - 00000000 ____D () C:\Users\Shaz\AppData\Roaming\vlc
    2014-12-16 20:33 - 2012-07-26 12:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
    2014-12-16 14:45 - 2014-11-05 23:03 - 00003750 _____ () C:\WINDOWS\System32\Tasks\AutoKMS
    2014-12-15 18:50 - 2014-11-12 23:12 - 00003156 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForShaz
    2014-12-15 18:50 - 2014-11-12 23:12 - 00000344 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForShaz.job
    2014-12-15 14:44 - 2014-09-06 07:08 - 00000000 ___RD () C:\Users\Shaz\Google Drive
    2014-12-15 14:44 - 2013-11-18 08:51 - 00000000 ___DO () C:\Users\Shaz\SkyDrive
    2014-12-15 14:42 - 2013-12-02 02:33 - 00000462 ____H () C:\WINDOWS\Tasks\SK.Enhancer-S-161304646.job
    2014-12-15 14:42 - 2013-09-12 19:46 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2014-12-15 00:52 - 2014-09-04 21:41 - 00000000 ____D () C:\Users\Shaz\Desktop\Uni
    2014-12-14 23:01 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
    2014-12-12 11:07 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\rescache
    2014-12-12 10:00 - 2013-08-22 18:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
    2014-12-12 09:57 - 2013-08-22 19:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
    2014-12-12 09:56 - 2013-08-22 18:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
    2014-12-12 09:54 - 2014-08-09 03:07 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
    2014-12-12 09:54 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
    2014-12-12 09:54 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
    2014-12-12 09:54 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
    2014-12-12 09:54 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
    2014-12-12 09:54 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
    2014-12-12 07:16 - 2013-09-20 07:34 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
    2014-12-12 07:15 - 2013-09-20 07:33 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
    2014-12-11 22:24 - 2014-09-21 07:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-12-11 22:23 - 2013-09-12 19:26 - 00000000 ____D () C:\WINDOWS\system32\MRT
    2014-12-11 22:18 - 2013-09-12 19:26 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2014-12-11 18:43 - 2013-06-14 15:34 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
    2014-12-11 17:47 - 2014-09-10 01:58 - 00000000 ____D () C:\Users\Shaz\AppData\Local\com.surfeasy.se0200
    2014-12-10 18:22 - 2014-04-23 18:03 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    2014-12-10 18:15 - 2014-08-09 02:30 - 00000000 ___RD () C:\Program Files (x86)\Skype
    2014-12-10 18:15 - 2013-10-01 12:37 - 00000000 ____D () C:\ProgramData\Skype
    2014-12-08 20:35 - 2014-08-25 23:52 - 00000000 ____D () C:\Users\Shaz\Documents\Movies
    2014-12-05 18:05 - 2013-11-18 04:01 - 00956540 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
    2014-12-03 09:29 - 2014-10-01 21:48 - 00001120 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-12-03 09:29 - 2014-10-01 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-12-03 09:29 - 2014-10-01 21:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-11-29 20:03 - 2014-08-29 17:38 - 00000000 ____D () C:\Users\Shaz\Documents\TV
    2014-11-28 14:29 - 2013-11-18 04:04 - 00000000 ____D () C:\Users\Shaz
    2014-11-28 08:29 - 2013-06-14 15:19 - 00006849 _____ () C:\WINDOWS\system32\RaCoInst.log
    2014-11-28 08:28 - 2012-08-02 08:15 - 00000000 ____D () C:\SWSETUP
    2014-11-27 02:10 - 2013-08-22 20:38 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2014-11-27 02:10 - 2013-08-22 20:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2014-11-21 06:14 - 2014-10-01 21:48 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
    2014-11-21 06:14 - 2014-10-01 21:48 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
    2014-11-21 06:14 - 2014-10-01 21:48 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
    2014-11-19 21:44 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
    2014-11-19 20:36 - 2013-08-22 20:36 - 00000000 ____D () C:\WINDOWS\WinStore
    2014-11-19 20:36 - 2012-07-26 13:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-12-17 07:29

    ==================== End Of Log ============================
     
  5. Shaz

    Shaz Newbie

    Joined:
    Dec 16, 2014
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    ADDITION

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2014 01
    Ran by Shaz at 2014-12-17 13:27:14
    Running from C:\Users\Shaz\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Norton Internet Security (Disabled - Out of date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
    AS: Norton Internet Security (Disabled - Out of date) {631E4324-D31C-783F-EC5C-35AD42B18466}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Norton Internet Security (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-3020595468-3366376769-3838502134-1002\...\uTorrent) (Version: 3.4.2.31627 - BitTorrent Inc.)
    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
    Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
    BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
    BlackBerry Device Software Updater (HKLM-x32\...\{334147DC-B3C8-4626-A985-4AEA8A36DAB6}) (Version: 8.0.0.41 - Research In Motion Ltd)
    BlackBerry World Browser Plugin (HKLM-x32\...\{FDF106F5-6329-405A-8627-D9C5F113CD51}) (Version: 10.2.168.18 - Research In Motion Limited)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
    CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.3.2509 - CyberLink Corp.)
    Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.3724 - CyberLink Corp.)
    CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.2301 - CyberLink Corp.)
    CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2524 - CyberLink Corp.)
    CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.5511 - CyberLink Corp.)
    CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.2.1.3801 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Dropbox (HKU\S-1-5-21-3020595468-3366376769-3838502134-1002\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
    Free Video Flip and Rotate version 2.1.9.822 (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 2.1.9.822 - DVDVideoSoft Ltd.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
    Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
    Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
    Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
    HP Deskjet 2510 series Basic Device Software (HKLM\...\{293CC68A-32BA-4BA4-84BD-0DCF6583566F}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
    HP Deskjet 2510 series Setup Guide (HKLM-x32\...\{216C7F38-4BBC-4E9A-8392-C9FA21B54386}) (Version: 27.0.0 - Hewlett Packard)
    HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)
    HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6263.4289 - Hewlett-Packard)
    HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
    HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
    HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.1.0.001 - HTC Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3304 - Intel Corporation)
    Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
    iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
    Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
    Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Logitech Touch Mouse Server 1.0 (HKLM-x32\...\Logitech Touch Mouse Server) (Version: 1.0 - Logitech Inc.)
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
    Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-3020595468-3366376769-3838502134-1002\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
    Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
    Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.14.01.03 - Huawei Technologies Co.,Ltd)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
    Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.6.2.1863 - Native Instruments)
    Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.2.1549 - Native Instruments)
    Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.6.8.382 - Native Instruments)
    Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.5.0.28 - Symantec Corporation)
    Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    PowerISO (HKLM-x32\...\PowerISO) (Version: 6.1 - Power Software Ltd)
    Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.48.0 - Mediatek)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6875 - Realtek Semiconductor Corp.)
    Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.28140 - Realtek Semiconductor Corp.)
    Recovery Manager (x32 Version: 5.5.0.6122 - CyberLink Corp.) Hidden
    SK.Enhancer (HKLM-x32\...\S-161304646) (Version: 4.2.0.1406 - PremiumSoft) <==== ATTENTION
    Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
    Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
    SurfEasy VPN 3.0.250 (HKLM-x32\...\SurfEasy VPN) (Version: 3.0.250 - SurfEasy Inc)
    Unity Web Player (HKU\S-1-5-21-3020595468-3366376769-3838502134-1002\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-3020595468-3366376769-3838502134-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Shaz\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3020595468-3366376769-3838502134-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Shaz\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3020595468-3366376769-3838502134-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Shaz\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3020595468-3366376769-3838502134-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Shaz\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3020595468-3366376769-3838502134-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Shaz\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3020595468-3366376769-3838502134-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Shaz\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

    ==================== Restore Points =========================

    28-11-2014 03:18:06 HPSF Applying updates
    05-12-2014 06:44:17 Scheduled Checkpoint
    10-12-2014 21:03:15 Installed Microsoft Visual C++ 2005 Redistributable
    16-12-2014 15:29:08 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 18:25 - 2013-08-22 18:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {278F2504-AC8F-48A7-A8F6-447EA634A4CF} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [2013-06-04] (Symantec Corporation)
    Task: {2B543C78-EA5F-46A2-A7C9-18BCF836F83F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
    Task: {4E031A6F-059A-4EBC-B3AE-C96E2C79D9BF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-11] (Microsoft Corporation)
    Task: {543293A7-835B-4B6E-A0EE-C253D7289B38} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2014-11-05] ()
    Task: {5B935393-6751-48BC-8124-78325BE4824B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: {5DF57A59-A162-495A-BE79-292E251B0E0D} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [2013-06-04] (Symantec Corporation)
    Task: {639F0493-9416-4607-9D31-C23E29B025E6} - System32\Tasks\HPCeeScheduleForShaz => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
    Task: {650E4901-17F7-44A4-8B40-BA56B39998BF} - System32\Tasks\SK.Enhancer-S-161304646 => c:\programdata\quickset\sk.enhancer\SK.Enhancer.exe <==== ATTENTION
    Task: {6B840921-6803-411D-9F96-22F626DAFC73} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe
    Task: {6E8B5B6D-253F-42EC-9C84-4A3F8FB5964E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
    Task: {7B30BACE-8025-410D-BD3A-454B8190B840} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
    Task: {915CAC82-BAAD-4D40-8191-C04FAFB73544} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
    Task: {984A7178-7479-4164-8CBC-BDC765CA831F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {9F6ED13F-A262-42E6-9006-C13786F20F76} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: {AAB41436-D744-42F3-B4CD-1A7B769B45D5} - System32\Tasks\CLMLSvc_P2G8 => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-11-01] (CyberLink)
    Task: {B284F704-758C-498C-A1FE-451BC86A0B70} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-11-01] (CyberLink Corp.)
    Task: {BC8EDB67-D58E-4C69-A001-77348319909D} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3020595468-3366376769-3838502134-1002 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
    Task: {CC7CC242-E49C-45E5-96CA-4240DA3BCBDA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
    Task: {E392FCD2-5D50-4C65-B854-73A34337A216} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\WSCStub.exe [2014-04-30] (Symantec Corporation)
    Task: {F10C86F8-9E8B-40AD-8708-BBD67708344C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
    Task: {F79D0FDD-8ACB-4DF5-BEED-FDF7298EAB55} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\HPCeeScheduleForShaz.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
    Task: C:\WINDOWS\Tasks\SK.Enhancer-S-161304646.job => c:\programdata\quickset\sk.enhancer\SK.Enhancer.exe <==== ATTENTION

    ==================== Loaded Modules (whitelisted) =============

    2013-09-12 14:21 - 2012-04-09 18:14 - 00232288 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
    2014-12-11 01:56 - 2014-12-03 00:09 - 03272376 _____ () C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
    2013-09-16 09:22 - 2013-09-16 09:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2014-03-30 17:29 - 2014-03-30 17:29 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
    2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
    2010-01-21 01:34 - 2010-01-21 01:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2014-05-02 02:28 - 2012-05-30 11:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.5.0.28\wincfi39.dll
    2013-06-14 15:24 - 2012-06-08 08:34 - 00627216 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
    2012-06-08 15:34 - 2012-06-08 15:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
    2014-12-15 14:43 - 2014-12-15 14:43 - 00098816 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\win32api.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00110080 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\pywintypes27.dll
    2014-12-15 14:43 - 2014-12-15 14:43 - 00364544 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\pythoncom27.dll
    2014-12-15 14:43 - 2014-12-15 14:43 - 00045568 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\_socket.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 01160704 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\_ssl.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00320512 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\win32com.shell.shell.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00713216 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\_hashlib.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 01175040 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\wx._core_.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00805888 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\wx._gdi_.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00811008 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\wx._windows_.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 01062400 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\wx._controls_.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00735232 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\wx._misc_.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00128512 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\_elementtree.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00127488 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\pyexpat.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00557056 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\pysqlite2._sqlite.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00007168 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\hashobjs_ext.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00087552 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\_ctypes.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00119808 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\win32file.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00108544 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\win32security.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00018432 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\win32event.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00038912 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\win32inet.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00070656 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\wx._html2.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00167936 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\win32gui.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00011264 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\win32crypt.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00027136 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\_multiprocessing.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00686080 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\unicodedata.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00122368 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\wx._wizard.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00010240 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\select.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00024064 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\win32pipe.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00025600 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\win32pdh.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00525640 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\windows._lib_cacheinvalidation.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00035840 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\win32process.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00017408 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\win32profile.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00022528 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\win32ts.pyd
    2014-12-15 14:43 - 2014-12-15 14:43 - 00078336 _____ () C:\Users\Shaz\AppData\Local\Temp\_MEI29882\wx._animate.pyd
    2014-03-15 22:33 - 2014-03-15 05:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
    2014-03-15 22:33 - 2014-03-15 05:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
    2014-03-15 22:33 - 2014-03-15 05:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
    2014-03-15 22:33 - 2014-03-15 05:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
    2014-03-15 22:33 - 2014-03-15 05:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
    2014-03-15 22:33 - 2014-03-15 05:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
    2014-03-15 22:33 - 2014-03-15 05:50 - 13637448 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    AlternateDataStreams: C:\Users\Shaz\SkyDrive:ms-properties

    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3020595468-3366376769-3838502134-1002\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
    HKU\S-1-5-21-3020595468-3366376769-3838502134-1002\...\StartupApproved\Run: => "msnmsgr"

    ========================= Accounts: ==========================

    Administrator (S-1-5-21-3020595468-3366376769-3838502134-500 - Administrator - Disabled)
    Guest (S-1-5-21-3020595468-3366376769-3838502134-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3020595468-3366376769-3838502134-1004 - Limited - Enabled)
    Shaz (S-1-5-21-3020595468-3366376769-3838502134-1002 - Administrator - Enabled) => C:\Users\Shaz

    ==================== Faulty Device Manager Devices =============

    Name: Realtek PCIe GBE Family Controller
    Description: Realtek PCIe GBE Family Controller
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Realtek
    Service: RTL8168
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (12/17/2014 00:52:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 11014204

    Error: (12/17/2014 00:52:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 11014204

    Error: (12/17/2014 00:52:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (12/17/2014 00:52:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 11009782

    Error: (12/17/2014 00:52:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 11009782

    Error: (12/17/2014 00:52:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (12/17/2014 00:52:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 11008641

    Error: (12/17/2014 00:52:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 11008641

    Error: (12/17/2014 00:52:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (12/17/2014 00:52:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 11007532


    System errors:
    =============
    Error: (12/17/2014 07:29:12 AM) (Source: DCOM) (EventID: 10010) (User: SHAZ-PC)
    Description: {AD3EDBCA-0901-415B-82E9-C16D3B65E38C}

    Error: (12/15/2014 11:17:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

    Error: (12/12/2014 09:59:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Google Update Service (gupdate) service failed to start due to the following error:
    %%2

    Error: (12/11/2014 06:34:32 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

    Error: (12/09/2014 11:46:43 AM) (Source: Server) (EventID: 2505) (User: )
    Description: The server could not bind to the transport \Device\NetBT_Tcpip_{0EAD4BEB-0765-40C7-8D15-79209BF70EB5} because another computer on the network has the same name. The server could not start.

    Error: (12/06/2014 07:37:47 PM) (Source: Tcpip) (EventID: 4199) (User: )
    Description: The system detected an address conflict for IP address 0.0.0.0 with the system
    having network hardware address 00-00-00-00-00-00. Network operations on this system may
    be disrupted as a result.

    Error: (12/01/2014 11:05:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Google Update Service (gupdate) service failed to start due to the following error:
    %%2

    Error: (11/28/2014 06:26:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Google Update Service (gupdate) service failed to start due to the following error:
    %%2

    Error: (11/28/2014 02:30:06 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
    Description: The NIHardwareService service did not shut down properly after receiving a pre-shutdown control.

    Error: (11/28/2014 02:29:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Windows Modules Installer service terminated with the following error:
    %%16389


    Microsoft Office Sessions:
    =========================
    Error: (12/17/2014 00:52:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 11014204

    Error: (12/17/2014 00:52:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 11014204

    Error: (12/17/2014 00:52:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (12/17/2014 00:52:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 11009782

    Error: (12/17/2014 00:52:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 11009782

    Error: (12/17/2014 00:52:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (12/17/2014 00:52:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 11008641

    Error: (12/17/2014 00:52:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 11008641

    Error: (12/17/2014 00:52:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (12/17/2014 00:52:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 11007532


    CodeIntegrity Errors:
    ===================================
    Date: 2014-05-09 00:22:07.928
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2014-05-09 00:22:07.863
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz
    Percentage of memory in use: 59%
    Total physical RAM: 3964.37 MB
    Available physical RAM: 1611.91 MB
    Total Pagefile: 6933.59 MB
    Available Pagefile: 2840.3 MB
    Total Virtual: 131072 MB
    Available Virtual: 131071.8 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:450.95 GB) (Free:68.44 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive d: (Recovery Image) (Fixed) (Total:12.99 GB) (Free:1.55 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive g: (DeathStar Plans 2) (Fixed) (Total:931.48 GB) (Free:761.59 GB) NTFS
    Drive h: (SHAZ2) (Removable) (Total:14.9 GB) (Free:12.52 GB) FAT32

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 465.8 GB) (Disk ID: 82C1DE89)

    Partition: GPT Partition Type.

    ========================================================
    Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: D58773DC)
    Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 2 (Size: 14.9 GB) (Disk ID: 00000000)

    Partition: GPT Partition Type.

    ==================== End Of Log ============================
     
  6. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,691
    Likes Received:
    35
    Trophy Points:
    78
    Hi Shaz, well, not too bad.. Looks like you picked up some browser Hijackers and a bad program.
    I will be in and out today so, it may take a little while to set up a fix. I'll try to get it to you as soon as I can.

    Hang in there........
    2oG :)
     
  7. Shaz

    Shaz Newbie

    Joined:
    Dec 16, 2014
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Thanks a lot 2OldGeek.
    take your time
     
  8. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,691
    Likes Received:
    35
    Trophy Points:
    78
    Hi Shaz, here we go.....

    Please attach all reports using [​IMG] button below. Doing this, you make it easier for me to analyze and fix your problem.

    NOTE: All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.

    [​IMG] Uninstall some programs

    First, uninstall this program: (if you can find it in the uninstall list)
    • sk.enhancer
    If it's not there, that will be OK....



    [​IMG] Fix with Farbar Recovery Scan Tool

    [​IMG] This fix was created for this user for use on that particular machine. [​IMG]
    [​IMG] Running it on another one may cause damage and render the system unstable. [​IMG]

    Download attached fixlist.txt file and save it to the Desktop:

    Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

    • Right-click on [​IMG] icon and select [​IMG] Run as Administrator to start the tool.
    • Press the Fix button just once and wait.
    • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
    • When finished FRST will generate a log on the Desktop, called Fixlog.txt.
    Please attach Fixlog.txt to your reply.

    How is your PC now? o_O
    2oG
     

    Attached Files:

Share This Page