Page 1 of 2 12 LastLast
Results 1 to 10 of 17
  1. #1
    Member
    Join Date
    May 2008
    Location
    AUSTRALIA
    Posts
    135
    Points
    1

    Default Please check, PC very slow

    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 05/23/2015 at 12:15 PM

    Application Version : 6.0.1194
    Database Version : 11891

    Scan type : Complete Scan
    Total Scan Time : 00:50:11

    Operating System Information
    Windows 7 Ultimate 32-bit, Service Pack 1 (Build 6.01.7601)
    UAC Off - Administrator

    Memory items scanned : 628
    Memory threats detected : 0
    Registry items scanned : 36880
    Registry threats detected : 0
    File items scanned : 36370
    File threats detected : 18

    Adware.Tracking Cookie
    .imrworldwide.com [ C:\USERS\BRODIES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QK7WYSPU.DEFAULT-1427195744199\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\BRODIES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QK7WYSPU.DEFAULT-1427195744199\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\BRODIES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QK7WYSPU.DEFAULT-1427195744199\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\BRODIES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QK7WYSPU.DEFAULT-1427195744199\COOKIES.SQLITE ]
    .bs.serving-sys.com [ C:\USERS\BRODIES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QK7WYSPU.DEFAULT-1427195744199\COOKIES.SQLITE ]
    c1.adform.net [ C:\USERS\BRODIES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QK7WYSPU.DEFAULT-1427195744199\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\BRODIES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QK7WYSPU.DEFAULT-1427195744199\COOKIES.SQLITE ]
    c1.adform.net [ C:\USERS\BRODIES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QK7WYSPU.DEFAULT-1427195744199\COOKIES.SQLITE ]
    .adform.net [ C:\USERS\BRODIES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QK7WYSPU.DEFAULT-1427195744199\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\BRODIES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QK7WYSPU.DEFAULT-1427195744199\COOKIES.SQLITE ]
    traffic.prod.cobaltgroup.com [ C:\USERS\BRODIES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QK7WYSPU.DEFAULT-1427195744199\COOKIES.SQLITE ]
    .at.atwola.com [ C:\USERS\BRODIES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QK7WYSPU.DEFAULT-1427195744199\COOKIES.SQLITE ]
    .adtechus.com [ C:\USERS\BRODIES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QK7WYSPU.DEFAULT-1427195744199\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\BRODIES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QK7WYSPU.DEFAULT-1427195744199\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\BRODIES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QK7WYSPU.DEFAULT-1427195744199\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\BRODIES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QK7WYSPU.DEFAULT-1427195744199\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\BRODIES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QK7WYSPU.DEFAULT-1427195744199\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\BRODIES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QK7WYSPU.DEFAULT-1427195744199\COOKIES.SQLITE ]

    ============
    End of Log
    ============

    <?xml version="1.0" encoding="UTF-8" ?>
    <logs>
    <record severity="debug" LoggingEventType="4" datetime="2015-05-23T08:29:38.975993+10:00" source="Protection" type="Error" username="SYSTEM" systemname="BRODIES-PC" code="13" last_modified_tag="024e3653-fc58-434a-a404-7c94bb305ab0" message="IsLicensed"></record>
    <record severity="debug" LoggingEventType="2" datetime="2015-05-23T08:29:39.024995+10:00" source="Protection" type="Protection" username="SYSTEM" systemname="BRODIES-PC" last_modified_tag="27e10d04-7cb3-41c9-8cdc-4bc5167f50a4" result="Stopping" subtype="Malware Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2015-05-23T08:29:39.036996+10:00" source="Protection" type="Protection" username="SYSTEM" systemname="BRODIES-PC" last_modified_tag="ed973b1f-c364-4ec4-bcb5-454ea432fb3a" result="Stopped" subtype="Malware Protection"></record>
    <record severity="debug" LoggingEventType="4" datetime="2015-05-23T11:18:36.920286+10:00" source="Protection" type="Error" username="SYSTEM" systemname="BRODIES-PC" code="13" last_modified_tag="8a0466d4-c4d3-4bb3-82c6-992c50e679a9" message="IsLicensed"></record>
    <record severity="debug" LoggingEventType="2" datetime="2015-05-23T11:18:36.977289+10:00" source="Protection" type="Protection" username="SYSTEM" systemname="BRODIES-PC" last_modified_tag="b7a88eaf-268e-4e36-9aaa-86a8b216dc54" result="Stopping" subtype="Malware Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2015-05-23T11:18:36.992290+10:00" source="Protection" type="Protection" username="SYSTEM" systemname="BRODIES-PC" last_modified_tag="4cae7ac0-22b2-400b-902f-e816ab741102" result="Stopped" subtype="Malware Protection"></record>
    <record severity="debug" LoggingEventType="1" datetime="2015-05-23T11:25:50.075061+10:00" source="Manual" type="Update" username="SYSTEM" systemname="BRODIES-PC" fromVersion="2015.5.20.5" last_modified_tag="dfdd350a-682a-4df8-8dbe-cb50c0117180" name="Malware Database" toVersion="2015.5.22.6"></record>
    <record severity="debug" scantype="threat" LoggingEventType="6" starttime="2015-05-23T11:25:53+10:00" datetime="2015-05-23T12:27:22.040229+10:00" source="Manual" type="Scan" username="SYSTEM" systemname="BRODIES-PC" last_modified_tag="8e2c21d0-1f8d-4a0b-9f33-0443faec36f9" duration="3688" malwaredetections="0" nonmalwaredetections="0" scanresult="completed"></record>
    <record severity="debug" LoggingEventType="4" datetime="2015-05-23T20:01:33.761415+10:00" source="Protection" type="Error" username="SYSTEM" systemname="BRODIES-PC" code="13" last_modified_tag="193aea4c-3c6d-482c-9638-26791e076f12" message="IsLicensed"></record>
    <record severity="debug" LoggingEventType="2" datetime="2015-05-23T20:01:33.820418+10:00" source="Protection" type="Protection" username="SYSTEM" systemname="BRODIES-PC" last_modified_tag="d2092da2-e9ed-4613-aa3d-f60301f21a26" result="Stopping" subtype="Malware Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2015-05-23T20:01:33.832419+10:00" source="Protection" type="Protection" username="SYSTEM" systemname="BRODIES-PC" last_modified_tag="0abf3535-d6f1-462d-af6a-070071d9bbf8" result="Stopped" subtype="Malware Protection"></record>
    </logs>

    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 8:18:31 PM, on 23-May-15
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v11.0 (11.00.9600.17801)

    FIREFOX: 38.0.1 (x86 en-US)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Windows\Microsoft.NET\Framework\v4.0.30319\dfsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\RunDll32.exe
    C:\Users\Brodies\Downloads\HijackThis(1).exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Google
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Google
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Google
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Google
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = Google
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
    O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
    O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
    O8 - Extra context menu item: Clip selection - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
    O8 - Extra context menu item: Clip this page - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
    O8 - Extra context menu item: Clip URL - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
    O8 - Extra context menu item: New Note - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html
    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O17 - HKLM\System\CCS\Services\Tcpip\..\{AAA2EA71-4D17-4F03-83CA-D5AE9CE8F648}: NameServer = 208.67.222.222,208.67.220.220
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Ashampoo HDD Control 2 Service (AHDDC2) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
    O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
    O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo HDD Control 2\DfSdkS.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: pcCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\pcCMService.exe
    O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
    O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
    O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
    O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
    O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    O23 - Service: Telstra MAHostService - Alcatel-Lucent - C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\bin\MAHostService.exe

    --
    End of file - 7765 bytes
    Cheers,

    Jamie

  2. #2
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,175
    Points
    1308

    Default

    Hello Jamie,

    Looks like you will need to download the 32Bit Version, and we need it on the desktop.

    Download the version of this tool for your operating system.
    Farbar Recovery Scan Tool (64 bit)
    farbar-recovery-scan-tool/dl/81/Farbar Recovery Scan Tool (32 bit)
    and save it to a folder on your computer's Desktop.
    Double-click to run it. When the tool opens click Yes to disclaimer.
    Press Scan button.
    It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    The first time the tool is run, it makes also another log (Addition.txt). Please also paste it to your reply.

  3. #3
    Member
    Join Date
    May 2008
    Location
    AUSTRALIA
    Posts
    135
    Points
    1

    Default

    Quote Originally Posted by zep516 View Post
    Hello Jamie,

    Looks like you will need to download the 32Bit Version, and we need it on the desktop.

    Download the version of this tool for your operating system.
    Farbar Recovery Scan Tool (64 bit)
    farbar-recovery-scan-tool/dl/81/Farbar Recovery Scan Tool (32 bit)
    and save it to a folder on your computer's Desktop.
    Double-click to run it. When the tool opens click Yes to disclaimer.
    Press Scan button.
    It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    The first time the tool is run, it makes also another log (Addition.txt). Please also paste it to your reply.


    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-05-2015 01
    Ran by Brodies (administrator) on BRODIES-PC on 24-05-2015 10:00:26
    Running from C:\Users\Brodies\Desktop\FRST
    Loaded Profiles: Brodies (Available Profiles: Brodies)
    Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    (BillP Studios) C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
    () C:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
    (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe
    (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Alcatel-Lucent) C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\bin\MAHostService.exe
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (Joyent, Inc) C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\bin\node.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM-x32\...\Run: [WinPatrol] => C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [325000 2011-03-17] (BillP Studios)
    HKLM-x32\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation)
    HKLM\...\Run: [TaskTray] => [X]
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
    Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-04] (SUPERAntiSpyware.com)
    Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
    HKU\S-1-5-21-633753297-1222489795-330927598-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [3642312 2013-05-16] (Safer-Networking Ltd.)
    HKU\S-1-5-18\...\Run: [] => [X]
    ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2009-02-09] (Autodesk, Inc.)
    BootExecute: autocheck autochk * sdnclean.exe
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-633753297-1222489795-330927598-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Google
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Google
    HKU\S-1-5-21-633753297-1222489795-330927598-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
    HKU\S-1-5-21-633753297-1222489795-330927598-1000\Software\Microsoft\Internet Explorer\Main,Start Page = Google
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-633753297-1222489795-330927598-1000 -> http://www.google.com/search?q={searchTerms}
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-27] (Microsoft Corporation)
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
    ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-08-20] (SuperAdBlocker.com)
    Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{AAA2EA71-4D17-4F03-83CA-D5AE9CE8F648}: [NameServer] 208.67.222.222,208.67.220.220

    FireFox:
    ========
    FF ProfilePath: C:\Users\Brodies\AppData\Roaming\Mozilla\Firefox\Profiles\qk7wyspu.default-1427195744199
    FF SelectedSearchEngine: oursurfing
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-16] ()
    FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
    FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
    FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-08] (Google)
    FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2011-01-09] (Microsoft Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
    FF Plugin: @Motive.com/NpMotive,version=1.0 -> C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\bin\npMotive.dll [2014-09-11] (Telstra Corporation Ltd.)
    FF Plugin: @Motive.com/npMotiveRequest,version=1.0 -> C:\Program Files\Common Files\Motive\npMotiveRequest.dll [2014-09-11] (Telstra Corporation Ltd.)
    FF Plugin: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
    FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-03] (NVIDIA Corporation)
    FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-03] (NVIDIA Corporation)
    FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
    FF Plugin: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Brodies\AppData\Roaming\Mozilla\Firefox\Profiles\6jderfja.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll No File
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
    FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-07-31] (VideoLAN)
    FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-07-31] (VideoLAN)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-02] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-633753297-1222489795-330927598-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Brodies\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2011-11-03] (Unity Technologies ApS)
    FF user.js: detected! => C:\Users\Brodies\AppData\Roaming\Mozilla\Firefox\Profiles\qk7wyspu.default-1427195744199\user.js [2015-05-21]
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-27] (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-05-02] (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-10-29] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-10-29] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-10-29] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-10-29] (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-10-29] (Apple Inc.)
    FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-05-19]
    FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-05-19]
    FF Extension: Telstra Extension - C:\Program Files\Mozilla Firefox\browser\extensions\mcciwbch@motive.com.xpi [2015-05-19]
    FF Extension: Hawker - C:\Program Files\Mozilla Firefox\distribution\bundles\{B5643E87-4502-60E2-A32A-6E126145609B} [2015-05-21]
    FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-05-19]

    Chrome:
    =======
    CHR dev: Chrome dev build detected! <======= ATTENTION
    CHR StartupUrls: Default -> "hxxp://www.oursurfing.com/?type=hppp&ts=1432154600&z=d73558700a90c18d8dd7550g0zdc6o3g4w2zbq3ebq&from=fsf&uid=ST3500830AS_9QG75H9LXXXX9QG75H9L"
    CHR DefaultSearchKeyword: Default -> oursurfing
    CHR DefaultSuggestURL: Default ->
    CHR Plugin: (Shockwave Flash) - C:\Users\Brodies\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll No File
    CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\42.0.2311.152\gcswf32.dll No File
    CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll No File
    CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\42.0.2311.152\ppGoogleNaClPluginChrome.dll No File
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\42.0.2311.152\pdf.dll No File
    CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
    CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll No File
    CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
    CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL No File
    CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
    CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
    CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File
    CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
    CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
    CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    CHR Plugin: (Unity Player) - C:\Users\Brodies\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    CHR Profile: C:\Users\Brodies\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Bookmark Manager) - C:\Users\Brodies\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-16]
    CHR Extension: (Google Wallet) - C:\Users\Brodies\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-28]
    CHR HKLM\...\Chrome\Extension: [edmgmpmklgfbohogafcfobonnkogchec] - C:\Program Files\Common Files\Motive\extensions\MotiveRequest.crx [2015-01-01]

    ========================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-08-30] (SUPERAntiSpyware.com)
    R2 AHDDC2; C:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] ()
    R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2012-09-29] (Advanced Micro Devices, Inc.) []
    S3 DfSdkS; C:\Program Files\Ashampoo\Ashampoo HDD Control 2\DfSdkS.exe [406016 2009-08-24] (mst software GmbH, Germany) []
    R2 DiagTrack; C:\Windows\system32\diagtrack.dll [851456 2015-04-28] (Microsoft Corporation)
    S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
    R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
    R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
    S4 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144640 2009-11-14] (NewTech Infosystems, Inc.)
    R2 pcCMService; C:\Program Files\Common Files\Motive\pcCMService.exe [369152 2013-10-23] (Alcatel-Lucent) []
    R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
    S3 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [993848 2011-04-19] (Secunia)
    S3 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [399416 2011-04-19] (Secunia)
    R2 Telstra MAHostService; C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\bin\MAHostService.exe [321024 2014-09-11] (Alcatel-Lucent) []
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
    S2 26f076f4; "C:\Windows\system32\rundll32.exe" "c:\Program Files\SystemPreserve\SystemPreserve.dll",serv

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 1394hub; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
    S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2010-02-03] (Printing Communications Assoc., Inc. (PCAUSA)) []
    S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2010-02-03] (Printing Communications Assoc., Inc. (PCAUSA)) []
    S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [22112 2012-06-27] (Microsoft Corporation)
    R3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [10681176 2014-08-19] (NVIDIA Corporation) []
    S3 PSI; C:\Windows\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-08-20] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-08-20] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-29] ()
    S3 ZTEusbnet; C:\Windows\System32\DRIVERS\ZTEusbnet.sys [114688 2009-12-29] (ZTE Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-05-24 09:45 - 2015-05-24 10:00 - 00000000 ____D () C:\Users\Brodies\Desktop\FRST
    2015-05-23 20:08 - 2015-05-23 20:08 - 00000000 ____D () C:\Users\Brodies\Downloads\backups
    2015-05-23 20:05 - 2015-05-23 20:05 - 00388608 _____ (Trend Micro Inc.) C:\Users\Brodies\Downloads\HijackThis(1).exe
    2015-05-23 11:17 - 2015-05-23 11:17 - 00159728 _____ () C:\Windows\Minidump\052315-64787-01.dmp
    2015-05-21 20:07 - 2015-05-21 20:07 - 00159144 _____ (Microsoft Corporation) C:\Users\Brodies\Downloads\WindowsActivationUpdate.exe
    2015-05-21 19:52 - 2015-05-21 19:52 - 00158728 _____ () C:\Windows\Minidump\052115-18657-01.dmp
    2015-05-21 19:46 - 2015-05-21 19:46 - 00158344 _____ () C:\Windows\Minidump\052115-18579-01.dmp
    2015-05-21 07:52 - 2015-05-24 09:47 - 00005984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-05-21 07:52 - 2015-05-24 09:47 - 00005984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-05-21 07:52 - 2015-05-21 07:52 - 00000552 _____ () C:\Windows\system32\spsys.log
    2015-05-21 07:49 - 2015-05-21 07:49 - 00157960 _____ () C:\Windows\Minidump\052115-26379-01.dmp
    2015-05-21 07:17 - 2015-05-21 07:17 - 00000000 ____D () C:\Users\Brodies\Documents\ProcAlyzer Dumps
    2015-05-21 07:03 - 2015-05-21 07:03 - 00000000 ____D () C:\Program Files\predm
    2015-05-21 06:49 - 2015-05-21 06:52 - 00000165 _____ () C:\Windows\verson_hawker.txt
    2015-05-21 06:49 - 2015-05-21 06:49 - 00000109 _____ () C:\end
    2015-05-21 06:49 - 2015-05-21 06:49 - 00000000 ____D () C:\Users\Brodies\AppData\Local\PC_Privacy_Dock
    2015-05-21 06:49 - 2015-05-21 06:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hawker
    2015-05-21 06:48 - 2015-05-21 07:05 - 00000000 ____D () C:\Program Files\PCP
    2015-05-21 06:48 - 2015-05-21 06:59 - 00000000 ____D () C:\Users\Brodies\AppData\Roaming\PC Privacy Dock
    2015-05-21 06:48 - 2015-05-21 06:57 - 00000000 ____D () C:\Users\Brodies\Documents\PCPrivacyDock
    2015-05-21 06:48 - 2015-05-21 06:49 - 00000000 ____D () C:\Program Files\Hawker
    2015-05-21 06:43 - 2015-05-21 06:43 - 00000000 ____D () C:\Program Files\ConnectPC
    2015-05-21 06:41 - 2015-05-21 07:04 - 00000000 ____D () C:\Program Files\MyPCBU
    2015-05-21 06:29 - 2015-05-21 06:33 - 00000000 ____D () C:\Users\Brodies\Desktop\SHY
    2015-05-20 20:45 - 2015-05-20 20:45 - 00000000 ____D () C:\Users\Brodies\Desktop\INDI
    2015-05-20 20:26 - 2015-05-20 20:26 - 00000000 ____D () C:\Users\Brodies\Desktop\Double pics
    2015-05-19 06:42 - 2015-05-21 06:49 - 00000000 ____D () C:\Program Files\Mozilla Firefox
    2015-05-18 21:52 - 2015-05-18 22:00 - 00000000 ____D () C:\Users\Brodies\Desktop\Kiowa Luna
    2015-05-16 06:42 - 2015-04-08 13:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
    2015-05-16 06:42 - 2015-04-08 13:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
    2015-05-15 06:04 - 2015-04-13 13:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
    2015-05-14 07:39 - 2015-05-14 07:39 - 00000000 ____D () C:\Windows\CheckSur
    2015-05-13 15:53 - 2015-05-01 23:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2015-05-13 08:11 - 2015-04-28 05:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
    2015-05-13 08:11 - 2015-04-28 05:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-05-13 08:11 - 2015-04-28 05:11 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-05-13 08:11 - 2015-04-28 05:11 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2015-05-13 08:11 - 2015-04-28 05:08 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2015-05-13 08:11 - 2015-04-28 05:05 - 00851456 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2015-05-13 08:11 - 2015-04-28 05:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2015-05-13 08:11 - 2015-04-28 05:05 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-05-13 08:11 - 2015-04-28 05:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2015-05-13 08:11 - 2015-04-28 05:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2015-05-13 08:11 - 2015-04-28 05:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2015-05-13 08:11 - 2015-04-28 05:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2015-05-13 08:11 - 2015-04-28 05:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
    2015-05-13 08:11 - 2015-04-28 05:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2015-05-13 08:11 - 2015-04-28 05:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-05-13 08:11 - 2015-04-28 05:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2015-05-13 08:11 - 2015-04-28 05:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2015-05-13 08:11 - 2015-04-28 05:04 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-05-13 08:11 - 2015-04-28 05:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2015-05-13 08:11 - 2015-04-28 05:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-05-13 08:11 - 2015-04-28 05:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
    2015-05-13 08:11 - 2015-04-28 05:04 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-05-13 08:11 - 2015-04-28 05:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
    2015-05-13 08:11 - 2015-04-28 05:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2015-05-13 08:11 - 2015-04-28 05:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
    2015-05-13 08:11 - 2015-04-28 05:04 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2015-05-13 08:11 - 2015-04-28 05:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
    2015-05-13 08:11 - 2015-04-28 05:04 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2015-05-13 08:11 - 2015-04-28 05:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2015-05-13 08:11 - 2015-04-28 05:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2015-05-13 08:11 - 2015-04-28 05:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
    2015-05-13 08:11 - 2015-04-28 05:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2015-05-13 08:11 - 2015-04-28 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2015-05-13 08:11 - 2015-04-28 04:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2015-05-13 08:11 - 2015-04-28 04:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2015-05-13 08:11 - 2015-04-28 04:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
    2015-05-13 08:11 - 2015-04-20 12:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2015-05-13 08:10 - 2015-05-05 11:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-05-13 08:10 - 2015-04-22 11:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-05-13 08:10 - 2015-04-22 02:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-05-13 08:10 - 2015-04-22 02:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-05-13 08:10 - 2015-04-22 02:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-05-13 08:10 - 2015-04-22 02:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-05-13 08:10 - 2015-04-22 02:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-05-13 08:10 - 2015-04-22 02:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-05-13 08:10 - 2015-04-22 02:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2015-05-13 08:10 - 2015-04-22 02:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-05-13 08:10 - 2015-04-22 02:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-05-13 08:10 - 2015-04-22 02:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-05-13 08:10 - 2015-04-22 02:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-05-13 08:10 - 2015-04-22 02:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-05-13 08:10 - 2015-04-22 01:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-05-13 08:10 - 2015-04-22 01:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-05-13 08:10 - 2015-04-22 01:58 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-05-13 08:10 - 2015-04-22 01:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-05-13 08:10 - 2015-04-22 01:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-05-13 08:10 - 2015-04-22 01:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-05-13 08:10 - 2015-04-22 01:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-05-13 08:10 - 2015-04-22 01:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-05-13 08:10 - 2015-04-22 01:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-05-13 08:10 - 2015-04-22 01:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-05-13 08:10 - 2015-04-22 01:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-05-13 08:10 - 2015-04-22 01:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-05-13 08:10 - 2015-04-22 01:26 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-05-13 08:10 - 2015-04-22 01:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-05-13 08:10 - 2015-04-22 01:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-05-13 08:10 - 2015-04-22 01:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-05-13 08:10 - 2015-04-22 01:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-05-13 08:10 - 2015-04-22 00:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-05-13 08:10 - 2015-04-22 00:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-05-13 08:10 - 2015-04-18 12:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2015-05-13 08:09 - 2015-03-04 14:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
    2015-05-13 08:09 - 2015-03-04 14:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2015-05-13 08:09 - 2015-03-04 14:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
    2015-05-13 08:09 - 2015-03-04 14:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
    2015-05-13 08:09 - 2015-02-18 17:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2015-05-03 09:21 - 2015-05-03 09:35 - 00000000 ____D () C:\Users\Brodies\Desktop\Website
    2015-05-03 07:55 - 2015-05-03 07:56 - 00160240 _____ () C:\Windows\Minidump\050315-45443-01.dmp
    2015-05-03 07:54 - 2015-05-03 07:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
    2015-04-30 07:05 - 2015-04-30 07:05 - 00000020 _____ () C:\Users\Brodies\AppData\Roaming\appdataFr3.bin
    2015-04-28 21:05 - 2015-04-28 21:05 - 00001713 _____ () C:\Users\Public\Desktop\iTunes.lnk
    2015-04-28 21:05 - 2015-04-28 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2015-04-28 21:04 - 2015-04-28 21:05 - 00000000 ____D () C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
    2015-04-28 21:04 - 2015-04-28 21:04 - 00000000 ____D () C:\Program Files\iPod
    2015-04-28 20:23 - 2015-04-28 20:27 - 64580976 _____ () C:\Users\Brodies\Downloads\Egyptian Smash (Original Mix).wav
    2015-04-28 20:22 - 2015-04-28 20:25 - 48963344 _____ () C:\Users\Brodies\Downloads\This Is Zenit (Neil Wes Smashup).WAV
    2015-04-26 08:41 - 2015-05-03 09:22 - 00000000 ____D () C:\Users\Brodies\Desktop\RV pups

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-05-24 10:00 - 2015-01-03 16:39 - 00000000 ____D () C:\FRST
    2015-05-24 09:51 - 2012-12-01 17:21 - 01842321 _____ () C:\Windows\WindowsUpdate.log
    2015-05-24 09:39 - 2015-01-01 07:12 - 00000000 ____D () C:\Program Files\Telstra Broadband Assistant
    2015-05-24 09:38 - 2014-12-29 08:39 - 00020093 _____ () C:\Windows\setupact.log
    2015-05-24 09:38 - 2011-07-16 03:58 - 00000000 ____D () C:\ProgramData\NVIDIA
    2015-05-24 09:38 - 2009-07-14 14:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-05-23 21:32 - 2015-02-04 17:46 - 00000000 ____D () C:\Users\Brodies\Desktop\Movies
    2015-05-23 21:05 - 2011-01-12 13:25 - 00000000 ____D () C:\Users\Brodies\AppData\Roaming\vlc
    2015-05-23 20:18 - 2015-01-03 13:31 - 00007766 _____ () C:\Users\Brodies\Documents\hijackthis.log
    2015-05-23 20:09 - 2011-04-15 00:23 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
    2015-05-23 20:08 - 2014-10-08 20:36 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-05-23 20:03 - 2011-07-20 12:06 - 00000000 ____D () C:\Users\Brodies\AppData\Local\Deployment
    2015-05-23 11:17 - 2011-11-14 13:16 - 00000000 ____D () C:\Windows\Minidump
    2015-05-23 11:16 - 2015-01-14 11:22 - 510095010 _____ () C:\Windows\MEMORY.DMP
    2015-05-21 09:53 - 2014-12-29 08:39 - 00102158 _____ () C:\Windows\PFRO.log
    2015-05-21 09:53 - 2011-01-07 03:35 - 00000000 ____D () C:\Windows\Panther
    2015-05-21 07:14 - 2011-12-12 15:36 - 00000000 ____D () C:\ProgramData\TEMP
    2015-05-21 06:58 - 2015-01-01 13:22 - 00001077 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2015-05-21 06:58 - 2015-01-01 13:22 - 00001065 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2015-05-21 06:58 - 2011-04-29 23:44 - 00001413 _____ () C:\Users\Brodies\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2015-05-21 06:48 - 2014-10-08 20:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-05-21 06:48 - 2014-10-08 20:36 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
    2015-05-21 06:44 - 2015-04-10 06:30 - 00000000 ____D () C:\ProgramData\18175797879602492299
    2015-05-21 06:10 - 2015-02-14 07:28 - 00000000 ____D () C:\Users\Brodies\Desktop\Kiowa 1
    2015-05-20 13:09 - 2015-04-05 03:00 - 00000000 ___SD () C:\Windows\system32\GWX
    2015-05-20 12:00 - 2014-01-14 00:09 - 00000000 ____D () C:\Users\Brodies\AppData\Local\Windows Live
    2015-05-19 21:53 - 2015-01-01 13:22 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
    2015-05-19 11:05 - 2015-03-12 21:24 - 00000000 ____D () C:\Users\Brodies\Desktop\Taco
    2015-05-19 05:55 - 2015-03-12 21:17 - 00000000 ____D () C:\Users\Brodies\Desktop\Choc dapple b
    2015-05-18 05:27 - 2009-07-14 14:53 - 00032582 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2015-05-17 13:06 - 2011-01-07 03:48 - 00788704 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-05-17 08:53 - 2011-01-07 03:55 - 00000000 ____D () C:\Program Files\MyDefrag v4.3.1
    2015-05-17 03:01 - 2009-07-14 17:50 - 00000000 ____D () C:\Program Files\Windows Journal
    2015-05-16 20:44 - 2013-02-16 16:11 - 00000000 ____D () C:\Users\Brodies\Desktop\Quotes
    2015-05-16 20:02 - 2014-06-29 09:20 - 00000000 ____D () C:\Users\Brodies\AppData\Local\Adobe
    2015-05-16 19:59 - 2012-04-01 23:49 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2015-05-16 19:59 - 2011-05-16 13:53 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
    2015-05-16 16:03 - 2009-07-14 12:37 - 00000000 ____D () C:\Windows\rescache
    2015-05-16 06:58 - 2015-03-12 21:27 - 00000000 ____D () C:\Users\Brodies\Desktop\B&T Dap B
    2015-05-14 20:04 - 2013-08-04 09:44 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    2015-05-14 07:48 - 2009-07-14 12:37 - 00000000 ____D () C:\Windows\Microsoft.NET
    2015-05-14 06:49 - 2009-07-14 12:37 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
    2015-05-14 06:47 - 2011-01-11 14:06 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2015-05-13 15:55 - 2012-04-30 20:01 - 00002077 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
    2015-05-13 15:55 - 2011-01-09 09:00 - 00001945 _____ () C:\Windows\epplauncher.mif
    2015-05-13 15:54 - 2011-05-31 12:53 - 00000000 ____D () C:\Program Files\Microsoft Security Client
    2015-05-13 15:53 - 2011-01-08 03:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2015-05-13 15:51 - 2013-07-30 03:00 - 00000000 ____D () C:\Windows\system32\MRT
    2015-05-13 15:41 - 2011-01-09 08:56 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-05-13 15:39 - 2011-01-11 14:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2015-05-13 15:31 - 2013-07-05 16:29 - 00000000 ____D () C:\Users\Brodies\AppData\Roaming\.minecraft
    2015-05-05 22:12 - 2013-02-13 15:44 - 00000000 ____D () C:\Users\Brodies\Desktop\Breeder
    2015-05-03 09:59 - 2011-09-08 15:42 - 00000000 ____D () C:\ProgramData\CanonIJPLM
    2015-05-03 08:49 - 2011-01-17 03:22 - 00000000 ____D () C:\Users\Brodies\AppData\Roaming\Apple Computer
    2015-04-28 21:05 - 2013-12-18 10:08 - 00000000 ____D () C:\Program Files\iTunes
    2015-04-28 21:04 - 2013-12-18 10:08 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
    2015-04-28 21:04 - 2011-01-17 03:19 - 00000000 ____D () C:\Program Files\Common Files\Apple
    2015-04-28 20:56 - 2011-01-17 03:19 - 00000000 ____D () C:\ProgramData\Apple
    2015-04-28 06:24 - 2015-04-08 19:19 - 00000000 ____D () C:\Program Files\SystemPreserve
    2015-04-28 06:23 - 2009-07-14 12:37 - 00000000 ____D () C:\Windows\LiveKernelReports
    2015-04-26 20:07 - 2015-03-14 21:08 - 00000000 ____D () C:\ProgramData\{fa904d05-4fed-87a4-fa90-04d054fe3415}
    2015-04-26 08:45 - 2015-03-12 21:18 - 00000000 ____D () C:\Users\Brodies\Desktop\Paisley

    ==================== Files in the root of some directories =======

    2015-04-30 07:05 - 2015-04-30 07:05 - 0000020 _____ () C:\Users\Brodies\AppData\Roaming\appdataFr3.bin
    2005-04-08 12:16 - 2012-08-11 15:31 - 0848334 ____H () C:\Users\Brodies\AppData\Roaming\Brodiesv1.18.0 - Trial versionlog.dat
    2011-09-26 10:25 - 2012-07-05 08:14 - 0138056 _____ () C:\Users\Brodies\AppData\Roaming\PnkBstrK.sys
    2014-10-15 07:20 - 2014-10-15 07:20 - 0000000 ____H () C:\Users\Brodies\AppData\Local\BIT6E9C.tmp
    2011-11-27 17:18 - 2015-02-19 07:05 - 0007622 _____ () C:\Users\Brodies\AppData\Local\Resmon.ResmonCfg
    2014-10-15 07:20 - 2014-10-15 07:20 - 0000000 _____ () C:\Users\Brodies\AppData\Local\{4A2C4A24-57F4-4FFA-9C14-9AEB07BD2209}

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-05-14 20:32

    ==================== End of log ============================

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-05-2015 01
    Ran by Brodies at 2015-05-24 10:01:08
    Running from C:\Users\Brodies\Desktop\FRST
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-633753297-1222489795-330927598-500 - Administrator - Disabled)
    Brodies (S-1-5-21-633753297-1222489795-330927598-1000 - Administrator - Enabled) => C:\Users\Brodies
    Guest (S-1-5-21-633753297-1222489795-330927598-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-633753297-1222489795-330927598-1002 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
    AV: Spybot - Search and Destroy (Disabled - Out of date) {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
    AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated)
    Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
    Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.11) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
    AMD Catalyst Install Manager (HKLM\...\{A2EAE643-8804-9420-5DBE-2752D6957964}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
    Apple Application Support (32-bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
    Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Ashampoo Burning Studio 10 v.10.0.15 (HKLM\...\Ashampoo Burning Studio 10_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG)
    Ashampoo HDD Control 2 v.2.1.0 (HKLM\...\{4209F371-A431-385E-2D7E-ACDA5DA3BA0B}_is1) (Version: 2.1.0 - Ashampoo GmbH & Co. KG)
    Ashampoo Internet Accelerator 3 v.3.20 (HKLM\...\Ashampoo Internet Accelerator 3_is1) (Version: 3.1.1 - Ashampoo GmbH & Co. KG)
    Ashampoo WinOptimizer 8 v.8.10 (HKLM\...\Ashampoo WinOptimizer 8_is1) (Version: 8.1.0 - Ashampoo GmbH & Co. KG)
    ATI AVIVO Codecs (Version: 11.6.0.10112 - ATI Technologies Inc.) Hidden
    Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
    Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 3.20 - Piriform)
    CPUID CPU-Z 1.58 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
    CPUID HWMonitor 1.18 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
    D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
    Dolby Axon - 1.5.1.1 (HKLM\...\{17936630-5344-4F18-9970-616129E2A114}_is1) (Version: 1.5.1.1 - Dolby Laboratories)
    DWG TrueView 2010 (HKLM\...\DWG TrueView 2010) (Version: 18.0.55.0 - Autodesk)
    DWG TrueView 2010 (Version: 18.0.55.0 - Autodesk) Hidden
    Evernote v. 4.6.3 (HKLM\...\{4C8BBCC8-8363-11E2-A3F4-984BE15F174E}) (Version: 4.6.3.8096 - Evernote Corp.)
    Foxit Reader 5.1 (HKLM\...\Foxit Reader_is1) (Version: 5.1.4.104 - Foxit Corporation)
    Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.65 - Google Inc.)
    Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Earth Pro (HKLM\...\{9578C0CD-8108-4379-9026-4601F59859A0}) (Version: 4.2.180.1134 - Google)
    Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
    HP Photo Creations (HKU\S-1-5-21-633753297-1222489795-330927598-1000\...\HP Photo Creations) (Version: 1.0.0.17712 - HP)
    HydraVision (Version: 4.2.184.0 - ATI Technologies Inc.) Hidden
    iCloud (HKLM\...\{760BB327-3973-4608-85C8-88162E2FF3B6}) (Version: 4.0.6.28 - Apple Inc.)
    iTunes (HKLM\...\{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}) (Version: 12.1.2.27 - Apple Inc.)
    Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
    Junk Mail filter update (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    League of Legends (HKLM\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
    League of Legends (Version: 1.3 - Riot Games) Hidden
    Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 1.1.500.0 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
    Microsoft SkyDrive (HKU\S-1-5-21-633753297-1222489795-330927598-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
    MotoHelper MergeModules (Version: 1.0.0 - Motorola) Hidden
    MotoHelper MergeModules (Version: 1.2.0 - Motorola) Hidden
    Movie Maker (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Mozilla Firefox 38.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
    MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)
    NTI Backup Now 5 (HKLM\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.628 - NewTech Infosystems)
    NTI Backup Now Standard (Version: 5.1.2.628 - NewTech Infosystems) Hidden
    NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
    NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
    NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
    QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    Rust (HKLM\...\Steam App 252490) (Version: - Facepunch Studios)
    SeaTools for Windows (HKLM\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.5 - Seagate Technology)
    Secunia PSI (2.0.0.3003) (HKLM\...\Secunia PSI) (Version: - )
    Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
    Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
    Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.21 - Safer-Networking Ltd.)
    SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 4.50.1002 - SUPERAntiSpyware.com)
    SurfingTunnel 1.7 (HKLM\...\SurfingTunnel_is1) (Version: - ZqWare)
    Telstra Broadband Assistant (HKLM\...\Telstra-Telstra Broadband Assistant) (Version: 1.0.2.45 - Telstra Corporation Ltd.)
    Telstra Mobile Broadband Manager (HKLM\...\Telstra Mobile Broadband Manager) (Version: 3.0.514 - Telstra)
    Telstra Mobile Broadband Manager (Version: 3.0.514 - Telstra) Hidden
    TuneUp 2.4.8.5 (HKLM\...\TuneUpMedia) (Version: 2.4.8.5 - TuneUp Media, Inc.)
    Unity Web Player (HKU\S-1-5-21-633753297-1222489795-330927598-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
    Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    VBA (2627.01) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
    Ventrilo Client (HKLM\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.8 - Flagship Industries, Inc.)
    VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN)
    Vuze Leap 1.3 (HKU\S-1-5-21-633753297-1222489795-330927598-1000\...\{a9a27088-7578-499d-ad2b-67ba95a4def4}) (Version: 1.3 - Azureus Software, Inc.)
    Who Is On My Wifi version 3.0.2 (HKLM\...\{010D45A1-093D-4534-8147-4E10E80F81CC}_is1) (Version: 3.0.2 - IO3O LLC)
    Windows Driver Package - Cmotech (cmusbnet) Net (06/11/2007 2.0.0.9) (HKLM\...\E7E257830CD4614E7CF1B3792DF19B85FE5E7BE7) (Version: 06/11/2007 2.0.0.9 - Cmotech)
    Windows Driver Package - Cmotech Modem (12/13/2006 2.0.3.5) (HKLM\...\5E8F128761A9B07EC2DEC909F167D92DB8B3A348) (Version: 12/13/2006 2.0.3.5 - Cmotech)
    Windows Driver Package - Cmotech Ports (12/13/2006 2.0.3.5) (HKLM\...\6A032F4180B5A0E8F4BC27384D0A423B2595A785) (Version: 12/13/2006 2.0.3.5 - Cmotech)
    Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
    WinPatrol (HKLM\...\{007811BF-E310-4285-BFC6-55DB29B3EDDE}) (Version: 20.0.2011.2 - BillP Studios)
    WinRAR 5.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
    World of Warcraft (HKLM\...\World of Warcraft) (Version: - Blizzard Entertainment)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{360a1f34-2491-4ba0-ade3-40640a9d5435}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\DWG TrueView 2010\DWGVIEWRficn.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Brodies\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{591E5416-DDC3-45E6-BE9D-C40D0B418F6E}\localserver32 -> C:\Program Files\DWG TrueView 2010\DWGVIEWR.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Brodies\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{9356e2bb-6c9a-43c0-a771-5cacbdab6afe}\InprocServer32 -> C:\Users\Brodies\AppData\Roaming\HP Photo Creations\RLPNUpload.dll (RocketLife)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Brodies\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{a390b60f-36da-401e-9fb2-3d3c05ced2cf}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Brodies\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Brodies\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{cc05a616-ddb3-4cc0-9a21-dc0e9962b444}\InprocServer32 -> C:\Users\Brodies\AppData\Roaming\HP Photo Creations\ContentMan.dll (RocketLife)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\DWG TrueView 2010\DWGVIEWR.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Brodies\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Brodies\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\FileSyncApi.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{ff280b55-14f1-49ae-b40f-15f5294ce630}\InprocServer32 -> C:\Users\Brodies\AppData\Roaming\HP Photo Creations\RocketEngine.dll (Visan inc.)

    ==================== Restore Points =========================

    23-05-2015 13:16:32 Scheduled Checkpoint
    24-05-2015 09:49:23 Windows Update

    ==================== Hostscontent: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 12:04 - 2014-03-23 09:38 - 00448635 ___RA C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 00hq.com*-*This website is for sale!*-*00hq Resources and Information.
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 032439.com
    127.0.0.1 032439.com
    127.0.0.1 0scan.com*-*This website is for sale!*-*0scan Resources and Information.
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 1000gratisproben.com*-*This website is for sale!*-*1000gratisproben Resources and Information.
    127.0.0.1 1001namen.com
    127.0.0.1 404 Not Found
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 100sexlinks.com*-*This website is for sale!*-*Sex links Resources and Information.
    127.0.0.1 100sexlinks.com
    127.0.0.1 10sek.com
    127.0.0.1 Gadgets And More
    127.0.0.1 www.1-2005-search.com
    127.0.0.1 1-2005-search.com
    127.0.0.1 123fporn.info
    127.0.0.1 www.123fporn.info
    127.0.0.1 123haustiereundmehr.com
    127.0.0.1 www.123haustiereundmehr.com

    There are 1000 more lines.


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {10A02D95-167B-4B23-A217-5A72C7EB3DBC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [2013-05-16] (Safer-Networking Ltd.)
    Task: {16E39261-4266-4519-8496-F1E7106132FC} - System32\Tasks\{42363FB3-454B-450B-BA87-A5E6979973E7} => Firefox.exe http://ui.skype.com/ui/0/6.16.0.105/...LastError=1603
    Task: {1A286FBE-7665-4F97-9900-AE6DC651F34B} - System32\Tasks\{8D2D16F5-41D4-46C0-B1C9-DF9FBF50F5D5} => pcalua.exe -a C:\PROGRA~1\MYASHA~1\UNWISE.EXE -c /U C:\PROGRA~1\MYASHA~1\INSTALL.LOG
    Task: {1FF9E595-57FD-4863-8926-156895480FE9} - System32\Tasks\{883C37CC-FFA0-4699-B3CC-3FDD17D6F49B} => pcalua.exe -a C:\Autodesk\Inventor_2010_SV\x86\Setup.exe -d C:\Autodesk\Inventor_2010_SV\x86
    Task: {2903C4C7-60BD-4FBC-A5E8-E73252E502A3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
    Task: {2A9250B5-B31C-44E0-9049-CCA5DD3DB069} - System32\Tasks\{2C69E705-C214-4CD4-8FD8-46DE7824C337} => C:\Users\Brodies\AppData\Roaming\HP Photo Creations\PhotoProduct.exe [2011-03-12] (Visan / RocketLife)
    Task: {2AF8EAEE-BBCD-46F7-B57C-C2869FA71E49} - System32\Tasks\MyDefrag v4.3.1 Monthly => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticMonthly.MyD [2010-05-22] ()
    Task: {2B9E9047-46BF-4698-AF5B-F7703874F6B5} - System32\Tasks\{B19BE8F7-1E38-4E44-983D-B85BC947897D} => pcalua.exe -a C:\Users\Brodies\Downloads\422814_intl_i386_zip.exe -d C:\Users\Brodies\Downloads
    Task: {33188B7B-978B-440C-8FCE-5C6572B1B9B8} - System32\Tasks\{E69CAB44-9C98-413C-B155-DECB20B316B7} => pcalua.exe -a "C:\Program Files\Common Files\Motorola Shared\Mobile Drivers\Motorola Driver Installer.exe" -d "C:\Program Files\Common Files\Motorola Shared\Mobile Drivers\"
    Task: {40F46AF4-1AAF-4B4B-A088-008B04A487ED} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-08] (Microsoft Corporation)
    Task: {4B36AD8B-41FB-4F16-A9E2-DD04BED15B95} - System32\Tasks\{33D2E56E-DE13-4870-892E-0C341B1F54F8} => pcalua.exe -a E:\DRIVER\Win8_Win7_Vista_32\337.50\Display.Driver\dbInstaller.exe -d E:\DRIVER\Win8_Win7_Vista_32\337.50\Display.Driver
    Task: {50733E4A-719E-49C6-983E-3CC6F40A3C65} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe
    Task: {57296BB8-223D-480B-A6C2-8F0835BD0C7A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-06-23] (Piriform Ltd)
    Task: {5C0D7146-2E1A-4A73-ADFB-2F8E4005997E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [2013-05-16] (Safer-Networking Ltd.)
    Task: {62733566-3B85-4543-94D0-BA9523AE4877} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-08] (Microsoft Corporation)
    Task: {6E521797-202B-4B06-963B-1E100365763E} - System32\Tasks\MyDefrag v4.3.1 Daily => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticDaily.MyD [2010-05-22] ()
    Task: {703691DE-598E-42EB-92EB-C53CDFF0BCE9} - System32\Tasks\{64926BED-6DD5-443B-86D9-EA177F5CE9A5} => pcalua.exe -a "C:\Program Files\Toolbar Uninstaller\tbu.exe" -d "C:\Program Files\Toolbar Uninstaller"
    Task: {737EF11D-7C78-4E1F-8803-F261D0219AC8} - System32\Tasks\{74AA8389-139F-46AE-9D65-F3FD5CE40B55} => Firefox.exe Download Skype for Desktop
    Task: {77AA3990-9241-4CD7-B90A-4F977A3C6418} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [2013-05-16] (Safer-Networking Ltd.)
    Task: {AE34B5A7-8F20-40D9-9243-B9881FC7CA56} - System32\Tasks\{45CFE472-A409-4CD7-9B68-4C34EC37B18B} => Firefox.exe Download Skype for Desktop
    Task: {B9C535B0-76C2-4D7B-A02A-440CE4510168} - System32\Tasks\{B2CA0C4B-0652-4723-9088-EE98ED199C1A} => pcalua.exe -a C:\PROGRA~1\MYASHA~1\UNWISE.EXE -c /U C:\PROGRA~1\MYASHA~1\INSTALL.LOG
    Task: {CFB49406-A6A8-4F25-9CB6-C4712075204A} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe
    Task: {D17FEF1F-CBF5-43EE-A576-A84FF8A5B748} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-02] (Apple Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


    ==================== Loaded Modules (Whitelisted) ==============

    2014-12-05 19:49 - 2014-07-03 05:42 - 00107992 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
    2011-05-16 13:46 - 2010-03-30 06:02 - 00520234 ____N () C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
    2013-04-27 09:18 - 2012-07-30 09:48 - 01518504 _____ () C:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
    2013-09-21 09:55 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2013-09-21 09:55 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
    2013-09-21 09:55 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2013-09-21 09:55 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
    2013-09-21 09:55 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
    2013-11-08 09:58 - 2013-11-08 09:58 - 00244736 _____ () C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\node_modules\motive-activex-wrapper\build\Release\NodeActiveXWrapper.node
    2013-11-08 09:58 - 2013-11-08 09:58 - 00271360 _____ () C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\node_modules\motive-osbridge\build\Release\MotiveOSBridgeNodeModule.node
    2013-11-08 09:57 - 2013-11-08 09:57 - 00237056 _____ () C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\node_modules\motive-xmpps\build\Release\MotiveXMPPSNode.node
    2013-04-24 23:55 - 2013-04-24 23:55 - 01581056 _____ () C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\node_modules\libxmljs\build\Release\xmljs.node
    2013-04-19 08:55 - 2013-04-19 08:55 - 00068608 _____ () C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\node_modules\dnode\node_modules\weak\build\Release\weakref.node
    2015-03-20 18:12 - 2015-03-20 18:12 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-03-20 18:12 - 2015-03-20 18:12 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

    ==================== Safe Mode (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
    IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
    IE restricted site: HKU\.DEFAULT\...\00hq.com -> 00hq.com*-*This website is for sale!*-*00hq Resources and Information.
    IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
    IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\.DEFAULT\...\0scan.com -> 0scan.com*-*This website is for sale!*-*0scan Resources and Information.
    IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> 1000gratisproben.com*-*This website is for sale!*-*1000gratisproben Resources and Information.
    IE restricted site: HKU\.DEFAULT\...\1001namen.com -> 404 Not Found
    IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> 100sexlinks.com*-*This website is for sale!*-*Sex links Resources and Information.
    IE restricted site: HKU\.DEFAULT\...\10sek.com -> Gadgets And More
    IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> Watch Movies Online | uMovies Movie2k Online - 123Movies
    IE restricted site: HKU\.DEFAULT\...\123simsen.com -> 123Simsen-Projekte

    There are 11890 more restricted sites.

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-633753297-1222489795-330927598-1000\Control Panel\Desktop\\Wallpaper ->
    DNS Servers: 208.67.222.222 - 208.67.220.220

    ==================== MSCONFIG/TASK MANAGER Error getting ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\Services: Apple Mobile Device => 2
    MSCONFIG\Services: Bonjour Service => 2
    MSCONFIG\Services: bthserv => 3
    MSCONFIG\Services: YahooAUService => 2
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^Users^Brodies^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup
    MSCONFIG\startupfolder: C:^Users^Brodies^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FrostWire On Startup.lnk => C:\Windows\pss\FrostWire On Startup.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^Brodies^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
    MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    MSCONFIG\startupreg: Ashampoo HDD-Control 2 Guard => "C:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe"
    MSCONFIG\startupreg: BigPondWirelessBroadbandCM => "C:\Program Files\Telstra\Mobile Broadband Manager\TelstraUCM.exe" -tsr
    MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
    MSCONFIG\startupreg: EADM => "C:\Program Files\Origin\Origin.exe" -AutoStart
    MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: Malwarebytes Anti-Malware (reboot) => "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    MSCONFIG\startupreg: NvBackend => "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: SDTray => "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
    MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    MSCONFIG\startupreg: Telstra_McciTrayApp => "C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\bin\pcTrayApp.exe"
    MSCONFIG\startupreg: uTorrent => "C:\Users\Brodies\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
    MSCONFIG\startupreg: Vuze Leap => "C:\Users\Brodies\AppData\Roaming\Vuze Leap\VuzeLeap.exe" /autorun

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{7EE9ADD4-8504-4672-8938-3351957A14C5}] => (Allow) LPort=8381
    FirewallRules: [{B1164E03-6291-40CB-858A-D1F170C878C9}] => (Allow) LPort=8381
    FirewallRules: [TCP Query User{4FCCE215-AC5C-41A2-B5D4-AB93515CC17B}C:\riot games\league of legends\lol.launcher.exe] => (Allow) C:\riot games\league of legends\lol.launcher.exe
    FirewallRules: [UDP Query User{7F09AF5D-FE1F-4C78-B110-9EB3248D3FE8}C:\riot games\league of legends\lol.launcher.exe] => (Allow) C:\riot games\league of legends\lol.launcher.exe
    FirewallRules: [TCP Query User{0317E721-F415-4243-9D54-E9082A49C2FA}C:\riot games\league of legends\lol.launcher.exe] => (Allow) C:\riot games\league of legends\lol.launcher.exe
    FirewallRules: [UDP Query User{8DCF20BE-51BA-45BC-AEE2-2491005CFAF0}C:\riot games\league of legends\lol.launcher.exe] => (Allow) C:\riot games\league of legends\lol.launcher.exe
    FirewallRules: [{0D403C2B-8AD7-4C75-9EF1-CF2ABE02C335}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
    FirewallRules: [{9B428393-DA7B-4245-B93D-0A644020E6D2}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
    FirewallRules: [{B4C30EE1-14A3-4C9D-9616-263BB111D70A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{A4802FAD-7A5B-455C-986E-F786BE9DAEE4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [TCP Query User{7D57A7A6-6567-48CE-91F3-5C2F55598C63}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
    FirewallRules: [UDP Query User{E4332851-7AB2-4985-9062-A88B8C3421E4}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
    FirewallRules: [{0145FEE5-451D-4654-943F-4750FFEF21BE}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    FirewallRules: [{D6778384-50E3-4F51-9173-B87BD12F7FD8}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
    FirewallRules: [{B82FD944-EC03-4FC8-A098-276A8105446C}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    FirewallRules: [{17C22135-505C-40FF-9D4A-11B09C255D2A}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
    FirewallRules: [{3F361B6C-D19C-4063-9D47-E7749EB8F728}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
    FirewallRules: [TCP Query User{A58A28B1-AEB4-474E-A4DF-46AB057FB93C}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
    FirewallRules: [UDP Query User{3DB0B9B4-07C1-4370-A661-736451911A51}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
    FirewallRules: [TCP Query User{97A8E907-CB87-429E-815C-464AFA95E5D3}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
    FirewallRules: [UDP Query User{E0F6A2F1-12F4-40AA-A561-0B53E2093032}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
    FirewallRules: [TCP Query User{D5B9D8CF-A837-41F1-B5F3-44F3C60968D1}C:\program files\utorrent\utorrent.exe] => (Allow) C:\program files\utorrent\utorrent.exe
    FirewallRules: [UDP Query User{836B6F13-C973-4041-8425-E2C41440E867}C:\program files\utorrent\utorrent.exe] => (Allow) C:\program files\utorrent\utorrent.exe
    FirewallRules: [{2DFD1B4F-2667-4C86-BAD6-0877423B7F1A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{30DAC94B-C4F6-4EC7-A227-C9D8F78D0F3F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [TCP Query User{5F42C635-3274-4C1C-8FF7-846B96D5D489}J:\world of warcraft\backgrounddownloader.exe] => (Allow) J:\world of warcraft\backgrounddownloader.exe
    FirewallRules: [UDP Query User{2123B68A-E441-4275-801E-ED73241421CE}J:\world of warcraft\backgrounddownloader.exe] => (Allow) J:\world of warcraft\backgrounddownloader.exe
    FirewallRules: [TCP Query User{D65EBD7D-C4BC-46AF-9EC0-D90847D296EE}J:\world of warcraft\launcher.patch.exe] => (Allow) J:\world of warcraft\launcher.patch.exe
    FirewallRules: [UDP Query User{B5E51248-4A36-424C-856F-6DDCBC77BC52}J:\world of warcraft\launcher.patch.exe] => (Allow) J:\world of warcraft\launcher.patch.exe
    FirewallRules: [TCP Query User{CBB01BA4-A2A2-4CA3-9BE6-1BA6F345BE71}J:\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe] => (Allow) J:\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe
    FirewallRules: [UDP Query User{94AF6089-59D0-4C21-9370-91A6FF64BD54}J:\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe] => (Allow) J:\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe
    FirewallRules: [TCP Query User{31CB3E51-333B-4AD0-B749-622F03834CCD}J:\world of warcraft\launcher.exe] => (Allow) J:\world of warcraft\launcher.exe
    FirewallRules: [UDP Query User{B9EC29B5-2AFF-44B9-8238-68295FF76235}J:\world of warcraft\launcher.exe] => (Allow) J:\world of warcraft\launcher.exe
    FirewallRules: [TCP Query User{FB4FD907-EABD-4738-8E8E-078EBE6E90E2}J:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe] => (Allow) J:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe
    FirewallRules: [UDP Query User{8123E07E-2421-421D-9453-F85FABC156AE}J:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe] => (Allow) J:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe
    FirewallRules: [TCP Query User{1187A546-65E2-48F9-96D5-DF6068F27FC1}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [UDP Query User{47B6704E-40A7-41A1-80FF-1AD935A1FF3B}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [TCP Query User{D02EB969-483E-40F5-BBE9-F3E9A8C1256B}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [UDP Query User{2CB51908-0040-4698-9E02-EA94F190D66A}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [{2E10F8C7-F5E7-4457-9368-36EA3FCFB6AB}] => (Allow) C:\Program Files\DolbyAxon\Axon.exe
    FirewallRules: [{955CDD07-A6E1-43A2-AB6E-C2D83C7469BB}] => (Allow) C:\Program Files\DolbyAxon\Axon.exe
    FirewallRules: [{84A7DFB9-7E54-46A2-9A58-929924F541D3}] => (Allow) C:\Program Files\Vuze\Azureus.exe
    FirewallRules: [{472DC950-5702-4801-AC6A-C0CA16A7FDEC}] => (Allow) C:\Program Files\Vuze\Azureus.exe
    FirewallRules: [TCP Query User{3093A522-034A-4A0E-998C-41062ECACFC9}F:\world of warcraft\launcher.exe] => (Allow) F:\world of warcraft\launcher.exe
    FirewallRules: [UDP Query User{61524443-82DE-4222-A7AF-F34E3C5EFC13}F:\world of warcraft\launcher.exe] => (Allow) F:\world of warcraft\launcher.exe
    FirewallRules: [{569AB365-D1E3-4E8A-B2D7-1F5976D26CA8}] => (Allow) C:\Users\Brodies\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    FirewallRules: [{96D0F740-7BBC-4D90-80BB-23079B4342C2}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    FirewallRules: [{106A38FD-F7B0-467C-BC23-244D5A63AE27}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{3AE00613-3C2C-45F2-91BC-BF91EC98B434}] => (Allow) LPort=2869
    FirewallRules: [{BA6E7053-A500-46FA-BD05-3E7536247C67}] => (Allow) LPort=1900
    FirewallRules: [{2B1B1E4A-E349-4A92-8345-6ED4FD532A0F}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    FirewallRules: [{7DEE3A26-93CD-4F7A-B628-4B7FBD4EE285}] => (Allow) C:\Program Files\Steam\Steam.exe
    FirewallRules: [{D1220D16-208F-4BCE-A5C8-3505D60CDC35}] => (Allow) C:\Program Files\Steam\Steam.exe
    FirewallRules: [{80402C68-F2AB-4A04-87E8-967F1FFA6DDD}] => (Allow) C:\Program Files\Steam\SteamApps\common\rust\rust.exe
    FirewallRules: [{1C2B2C15-B5DE-4304-8FB3-23C74A08F3B7}] => (Allow) C:\Program Files\Steam\SteamApps\common\rust\rust.exe
    FirewallRules: [TCP Query User{0B319B6B-ECC5-4662-BA58-AACB70D0BA30}C:\program files\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files\spybot - search & destroy 2\sdupdate.exe
    FirewallRules: [UDP Query User{6044248B-A388-43DA-B1A5-1A99BB12B3DC}C:\program files\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files\spybot - search & destroy 2\sdupdate.exe
    FirewallRules: [{C7E6AA3B-DC8A-44EE-AF4F-A602BE3A0656}] => (Allow) C:\Users\Brodies\AppData\Steam\Steam.exe
    FirewallRules: [{1C8B5013-DFDC-4BDB-AFB8-F2819DD7173C}] => (Allow) C:\Users\Brodies\AppData\Steam\Steam.exe
    FirewallRules: [{DC465CE2-4931-40C5-AB57-2314A09674BD}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
    FirewallRules: [{427E9046-BD2C-49AE-9C3F-82C31646A80B}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
    FirewallRules: [{F356F55D-7231-431C-91D9-16064C835C67}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
    FirewallRules: [{B1D6FDCC-00A0-4998-8638-4EA7CC50B5D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
    FirewallRules: [{618A259A-989F-43DD-922D-65702824E112}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
    FirewallRules: [{E66D51C6-C626-426F-BC98-126DCCBC773C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
    FirewallRules: [{F2A0EA63-63FC-4C7C-BF83-87FAB188FBB4}] => (Allow) C:\Program Files\Vuze\Azureus.exe
    FirewallRules: [{65233235-AB96-4318-8C17-79724BE8826A}] => (Allow) C:\Program Files\Vuze\Azureus.exe
    FirewallRules: [{6E367D90-CC63-4119-BE4C-B5FD790173E0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{14BC635A-14C1-43DC-9DA9-5C51005597FB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [TCP Query User{BEEB5419-F457-45A0-A5CA-660CB77EE9E7}C:\programdata\battle.net\agent\agent.3688\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3688\agent.exe
    FirewallRules: [UDP Query User{3A1D0F6E-C647-4783-BE9A-F1AA0E972DD6}C:\programdata\battle.net\agent\agent.3688\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3688\agent.exe
    FirewallRules: [TCP Query User{D3D8828E-DF9F-4E6B-9F6D-FA2E89421C34}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe
    FirewallRules: [UDP Query User{DD1B6D46-A141-484C-B0E4-3184EC21BDFD}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe
    FirewallRules: [TCP Query User{46F91B9E-5CD6-4689-A9B1-C26E188A4BA0}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_31\bin\javaw.exe
    FirewallRules: [UDP Query User{844E06F2-58DD-4B41-B880-30EBD93D7592}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_31\bin\javaw.exe
    FirewallRules: [{53DA87BC-7DEB-4419-84EC-6D7E49E9FBDB}] => (Allow) C:\Users\Brodies\AppData\Roaming\Vuze Leap\VuzeLeap.exe
    FirewallRules: [{D61E99DD-742B-4545-A15B-AEA0E968B72D}] => (Allow) C:\Users\Brodies\AppData\Roaming\Vuze Leap\VuzeLeap.exe
    FirewallRules: [TCP Query User{127E98E4-AD5C-4D39-8A19-A44ABA3F6721}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
    FirewallRules: [UDP Query User{5D0EC4FD-51E5-4D06-870F-13061FB8742E}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
    FirewallRules: [TCP Query User{D04635AC-9C4E-4140-88E2-46FEFB46FD92}C:\users\brodies\appdata\roaming\vuze leap\vuzeleap.exe] => (Block) C:\users\brodies\appdata\roaming\vuze leap\vuzeleap.exe
    FirewallRules: [UDP Query User{6667131C-0895-4857-94F8-E80A51AA36D2}C:\users\brodies\appdata\roaming\vuze leap\vuzeleap.exe] => (Block) C:\users\brodies\appdata\roaming\vuze leap\vuzeleap.exe
    FirewallRules: [TCP Query User{00213C7E-BE6E-41D8-8186-118194186A40}C:\programdata\battle.net\agent\agent.3715\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3715\agent.exe
    FirewallRules: [UDP Query User{CCFDC850-C822-4C94-BA9E-FFF7D027DB71}C:\programdata\battle.net\agent\agent.3715\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3715\agent.exe
    FirewallRules: [{2CF45270-7891-47F6-8A7C-96E9EEE03B6F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{847B1455-CBC6-43B3-B7CE-76C832FB2E88}] => (Allow) C:\Users\Brodies\AppData\Local\Apps\2.0\7L9DDJAV.9XD\81CVGKLQ.GMK\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
    FirewallRules: [{E39DCBDE-1EB5-4062-9259-67478A94A7E9}] => (Allow) C:\Users\Brodies\AppData\Local\Apps\2.0\7L9DDJAV.9XD\81CVGKLQ.GMK\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
    FirewallRules: [{B42C8FD3-44CA-4A9E-B1D8-16CAFC284E57}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
    StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
    StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
    StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
    StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

    ==================== Faulty Device Manager Devices =============

    Name: PS/2 Compatible Mouse
    Description: PS/2 Compatible Mouse
    Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: i8042prt
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (05/24/2015 09:45:52 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d6727a7
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc0000005
    Fault offset: 0x02f00fef
    Faulting process id: 0x718
    Faulting application start time: 0xExplorer.EXE0
    Faulting application path: Explorer.EXE1
    Faulting module path: Explorer.EXE2
    Report Id: Explorer.EXE3

    Error: (05/23/2015 00:31:57 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: plugin-container.exe, version: 38.0.1.5611, time stamp: 0x55541a90
    Faulting module name: mozalloc.dll, version: 38.0.1.5611, time stamp: 0x55540a1e
    Exception code: 0x80000003
    Fault offset: 0x00001aa1
    Faulting process id: 0xc28
    Faulting application start time: 0xplugin-container.exe0
    Faulting application path: plugin-container.exe1
    Faulting module path: plugin-container.exe2
    Report Id: plugin-container.exe3

    Error: (05/23/2015 09:14:38 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (05/23/2015 09:14:37 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (05/23/2015 09:14:36 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (05/23/2015 09:08:37 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (05/23/2015 09:08:27 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (05/23/2015 09:08:08 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (05/23/2015 08:34:35 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: setup.exe_Google Chrome Installer, version: 43.0.2357.65, time stamp: 0x5552b151
    Faulting module name: setup.exe, version: 43.0.2357.65, time stamp: 0x5552b151
    Exception code: 0xc0000005
    Fault offset: 0x0005e32d
    Faulting process id: 0xfb4
    Faulting application start time: 0xsetup.exe_Google Chrome Installer0
    Faulting application path: setup.exe_Google Chrome Installer1
    Faulting module path: setup.exe_Google Chrome Installer2
    Report Id: setup.exe_Google Chrome Installer3

    Error: (05/21/2015 09:10:47 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.


    System errors:
    =============
    Error: (05/24/2015 09:38:43 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the SystemPreserve service to connect.

    Error: (05/23/2015 08:04:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Ashampoo HDD Control 2 Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (05/23/2015 08:01:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the SystemPreserve service to connect.

    Error: (05/23/2015 00:15:35 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
    %%5

    Error: (05/23/2015 11:28:04 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: The ScRegSetValueExW call failed for Start with the following error:
    %%5

    Error: (05/23/2015 11:18:35 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the SystemPreserve service to connect.

    Error: (05/23/2015 11:17:31 AM) (Source: BugCheck) (EventID: 1001) (User: )
    Description: 0x0000001a (0x00041790, 0xc08021e8, 0x0000ffff, 0x00000000)C:\Windows\MEMORY.DMP052315-64787-01

    Error: (05/23/2015 11:17:30 AM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 11:14:47 AM on ‎5/‎23/‎2015 was unexpected.

    Error: (05/23/2015 10:27:20 AM) (Source: volsnap) (EventID: 36) (User: )
    Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

    Error: (05/23/2015 08:39:17 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
    %%5


    Microsoft Office:
    =========================
    Error: (03/03/2015 07:22:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
    Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6715.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2373 seconds with 1620 seconds of active time. This session ended with a crash.


    ==================== Memory info ===========================

    Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4600+
    Percentage of memory in use: 31%
    Total physical RAM: 3199.49 MB
    Available physical RAM: 2183.93 MB
    Total Pagefile: 6397.3 MB
    Available Pagefile: 5026.82 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1895.09 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:228.13 GB) (Free:59.03 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
    Drive d: (DATA) (Fixed) (Total:227.87 GB) (Free:67.63 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 71F756A1)
    Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27)
    Partition 2: (Active) - (Size=228.1 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=227.9 GB) - (Type=07 NTFS)

    ==================== End of log ============================

  4. #4
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,175
    Points
    1308

    Default

    A few items to fix

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Open notepad (Start =>All Programs => Accessories => Notepad).
    Copy/Paste the contents of the code box below into Notepad.

    Code:
    start
    CloseProcesses:
    CreateRestorePoint:
    HKLM\...\Run: [TaskTray] => [X]
    HKU\S-1-5-18\...\Run: [] => [X]
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-633753297-1222489795-330927598-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    FF user.js: detected! => C:\Users\Brodies\AppData\Roaming\Mozilla\Firefox\Profiles\qk7wyspu.default-1427195744199\user.js [2015-05-21]
    FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
    FF Plugin: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Brodies\AppData\Roaming\Mozilla\Firefox\Profiles\6jderfja.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll No File
    FF Plugin: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
    AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
    CMD: bitsadmin /reset /allusers
    CMD: netsh winsock reset catalog
    CMD: ipconfig /flushdns
    CMD: netsh int ipv4 reset
    CMD: netsh int ipv6 reset
    Emptytemp:
    Click Format and ensure Wordwrap is unchecked.
    Save as Fixlist.txt to your Desktop (Must be in this location)
    Run FRST/FRST64 and press the Fix button just once and wait.
    If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

    Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

    Next

    Please download AdwCleaner by Xplode onto your Desktop.
    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click the Scan button and wait for the process to complete.
    • Click the logfile button and the log will open in Notepad.
    • NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
    • Click on the Clean button follow the prompts.[/*]
    • A log file will automatically open after the scan has finished and the PC has rebooted.
    • Please post the content of that log file with your next answer.
    • You can find the log file at C:\AdwCleaner


    Next

    Please download Junkware Removal Tool to your Desktop.

    Please close your security software to avoid potential conflicts. See Here how to disable you security protection (Anti Virus)
    Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete, depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
    Please post the contents of JRT.txt into your reply.

    Next
    Uninstall / reinstall Chrome because malware has changed it to a develoment build.

    1.Close all Chrome windows and tabs.
    2.Go to the Start menu > Control Panel. (Windows 8 users: Learn how to access the Control Panel)
    3.Click Programs and Features.
    4.Double-click Google Chrome.
    5.Click Uninstall from the confirmation dialog. Delete your user profile information, like your browser preferences, bookmarks, and history, select the "Also delete your browsing data" checkbox.

    If you have Bookmarks that you want to save, you want to do that first.

    Export / Import Bookmarks.
    https://support.google.com/chrome/answer/96816?hl=en


    Then reinstall Chrome from here-->Chrome

    In your next reply post;

    • Fixlog.txt, that will be found on the desktop after fix has run.
    • The AdwCleaner [SO].txt Log
    • The JRT.txt Log

  5. #5
    Member
    Join Date
    May 2008
    Location
    AUSTRALIA
    Posts
    135
    Points
    1

    Default

    Hi Zep, and thank you



    Fix result of Farbar Recovery Scan Tool (x86) Version: 24-05-2015 01
    Ran by Brodies at 2015-05-25 06:39:39 Run:2
    Running from C:\Users\Brodies\Desktop
    Loaded Profiles: Brodies (Available Profiles: Brodies)
    Boot Mode: Normal

    ==============================================

    fixlist content:
    *****************
    start
    CloseProcesses:
    CreateRestorePoint:
    HKLM\...\Run: [TaskTray] => [X]
    HKU\S-1-5-18\...\Run: [] => [X]
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-633753297-1222489795-330927598-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    FF user.js: detected! => C:\Users\Brodies\AppData\Roaming\Mozilla\Firefox\Profiles\qk7wyspu.default-1427195744199\user.js [2015-05-21]
    FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
    FF Plugin: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Brodies\AppData\Roaming\Mozilla\Firefox\Profiles\6jderfja.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll No File
    FF Plugin: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
    AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
    CMD: bitsadmin /reset /allusers
    CMD: netsh winsock reset catalog
    CMD: ipconfig /flushdns
    CMD: netsh int ipv4 reset
    CMD: netsh int ipv6 reset
    Emptytemp:
    *****************

    Processes closed successfully.
    Restore point was successfully created.
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\TaskTray => value Removed successfully.
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\ => value Removed successfully.
    "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key Removed successfully.
    "HKU\S-1-5-21-633753297-1222489795-330927598-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key Removed successfully.
    HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully.
    HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully.
    HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully.
    C:\Users\Brodies\AppData\Roaming\Mozilla\Firefox\Profiles\qk7wyspu.default-1427195744199\user.js => Moved successfully.
    "HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => key Removed successfully.
    "HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3" => key Removed successfully.
    "HKLM\Software\MozillaPlugins\@nexon.net/NxGame" => key Removed successfully.
    C:\ProgramData\TEMP => ":5C321E34" ADS Removed successfully..

    ========= bitsadmin /reset /allusers =========


    BITSADMIN version 3.0 [ 7.5.7601 ]
    BITS administration utility.
    (C) Copyright 2000-2006 Microsoft Corp.

    BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
    Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

    {144545B7-55A9-4E2F-8C9F-A970894BA7F4} canceled.
    {C9723126-6976-4355-B623-0D23768017EB} canceled.
    {10C6C3D5-2B9D-452B-BFEF-E91F4FB0E822} canceled.
    {1B80D87E-6DBC-4C71-8202-D888C4E76427} canceled.
    4 out of 4 jobs canceled.

    ========= End of CMD: =========


    ========= netsh winsock reset catalog =========


    Sucessfully reset the Winsock Catalog.
    You must restart the computer in order to complete the reset.


    ========= End of CMD: =========


    ========= ipconfig /flushdns =========


    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    ========= End of CMD: =========


    ========= netsh int ipv4 reset =========

    Reseting Interface, OK!
    Restart the computer to complete this action.


    ========= End of CMD: =========


    ========= netsh int ipv6 reset =========

    Reseting Interface, OK!
    Restart the computer to complete this action.


    ========= End of CMD: =========

    EmptyTemp: => Removed 5.2 GB temporary data.


    The system needed a reboot.

    ==== End of Fixlog 06:41:57 ====


    # AdwCleaner v4.205 - Logfile created 25/05/2015 at 06:52:58
    # Updated 21/05/2015 by Xplode
    # Database : 2015-05-24.1 [Server]
    # Operating system : Windows 7 Ultimate Service Pack 1 (x86)
    # Username : Brodies - BRODIES-PC
    # Running from : C:\Users\Brodies\Desktop\adwcleaner_4.205.exe
    # Option : Cleaning

    ***** [ Services ] *****

    [#] Service Deleted : 26f076f4

    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\35816e8000003895
    Folder Deleted : C:\ProgramData\{fa904d05-4fed-87a4-fa90-04d054fe3415}
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hawker
    Folder Deleted : C:\Program Files\predm
    Folder Deleted : C:\Program Files\Search Extensions
    Folder Deleted : C:\Program Files\SystemPreserve
    Folder Deleted : C:\Program Files\MyPCBU
    Folder Deleted : C:\Program Files\app_setup
    Folder Deleted : C:\Program Files\ConnectPC
    Folder Deleted : C:\Program Files\Hawker
    Folder Deleted : C:\Users\Brodies\AppData\Local\PC_Privacy_Dock
    Folder Deleted : C:\Users\Brodies\AppData\Roaming\PC Privacy Dock
    Folder Deleted : C:\Users\Brodies\Documents\PCPrivacyDock
    Folder Deleted : C:\Users\Brodies\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
    Folder Deleted : C:\Users\Brodies\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
    File Deleted : C:\END
    File Deleted : C:\Program Files\Mozilla Firefox\defaults\pref\itms.js

    ***** [ Scheduled tasks ] *****

    Task Deleted : amiupdaterExd
    Task Deleted : amiupdaterExi

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Classes\Record\{37AC0F3B-749F-3B22-811B-5A019EED2E85}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{4392A6CC-7940-310E-8E16-799A8D93A438}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{66DF7821-ED6D-3534-893C-0E89E74B0F91}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{755CAFCC-F016-3B06-8F22-945EAA3AD10D}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{76552F88-640C-314D-82B6-0D8A740907F7}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{05660A04-00F1-3A04-AB3B-BC1074B84D67}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{903F9872-E87F-3B74-83B0-DBE10073B29D}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{9558EEB4-CDA6-3778-B53B-98076F0A1E90}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{B25AA9BA-FD52-3E5E-BFE3-9B106779DA6E}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{C852CF9F-37DC-35AC-926A-7E6CFFF7C501}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{C9777796-4378-3C90-B52D-7238FFFC2A5C}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{DB1BC8B2-FDBF-30E7-BE1C-AFF9160059E6}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{F3D5729C-7DEB-3850-A026-D0E323ECFEF5}
    Key Deleted : HKLM\SOFTWARE\Classes\Record\{FEC70973-CB8B-351C-8047-CAE1274CE249}
    Key Deleted : HKLM\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\MPCBContextMenu
    Key Deleted : HKLM\SOFTWARE\5aceeef7-7e67-30d2-25f3-2bd4b63be182
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{853130B6-1A29-4D9D-9513-2A461287651E}
    Key Deleted : HKCU\Software\APN PIP
    Key Deleted : HKCU\Software\powerpack
    Key Deleted : HKCU\Software\simplytech
    Key Deleted : HKCU\Software\Hawker
    Key Deleted : HKCU\Software\PCPrivacyDockLanguage
    Key Deleted : HKCU\Software\sidecom
    Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
    Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
    Key Deleted : HKLM\SOFTWARE\Conduit
    Key Deleted : HKLM\SOFTWARE\SupDp
    Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
    Key Deleted : HKLM\SOFTWARE\SpeedBit
    Key Deleted : HKLM\SOFTWARE\AIM Toolbar
    Key Deleted : HKLM\SOFTWARE\Hawker
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{35E0D123-1F22-9AE6-F973-B7ECA46E8BFE}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{594FD08C-0622-F9B8-CB02-7C1355D33CB8}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
    Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>

    ***** [ Web browsers ] *****

    -\\ Internet Explorer v11.0.9600.17801


    -\\ Mozilla Firefox v38.0.1 (x86 en-US)

    [qk7wyspu.default-1427195744199\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.alias", "oursurfing");
    [qk7wyspu.default-1427195744199\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.iconURL", "hxxp://www.oursurfing.com/web/favicon.ico");
    [qk7wyspu.default-1427195744199\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.name", "oursurfing");
    [qk7wyspu.default-1427195744199\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.url", "hxxp://www.oursurfing.com/web/?type=dspp&ts=1432154600&z=d73558700a90c18d8dd7550g0zdc6o3g4w2zbq3ebq&from=fsf&uid=ST3500830AS_9QG75H9LXXXX9QG75H9L&q={searc[...]
    [qk7wyspu.default-1427195744199\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "oursurfing");
    [qk7wyspu.default-1427195744199\prefs.js] - Line Deleted : user_pref("extensions.34OyoZvf5wo1xHxT.scode", "(function(){try{if(window.location.href.indexOf(\"rjC9pdg7pjk7pdaHrTC9qHgFqHY\")>-1){return;}}catch(e){}try{var d=[[\"www.viracure.com\",\"onesystemcare[...]
    [qk7wyspu.default-1427195744199\prefs.js] - Line Deleted : user_pref("extensions.pdldUYNaq8hzHdGX.scode", "(function(){try{if(window.self.location.href.indexOf(\"rjC9pdg7pjk7pdaHrTC9qHgFqHY\")>-1){return;}}catch(e){}try{var d=[[\"trianglecash.com\",\"acebook\[...]
    [qk7wyspu.default-1427195744199\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
    [qk7wyspu.default-1427195744199\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

    -\\ Google Chrome v43.0.2357.65

    [C:\Users\Brodies\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
    [C:\Users\Brodies\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
    [C:\Users\Brodies\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.oursurfing.com/web/?type=dspp&ts=1432154600&z=d73558700a90c18d8dd7550g0zdc6o3g4w2zbq3ebq&from=fsf&uid=ST3500830AS_9QG75H9LXXXX9QG75H9L&q={searchTerms}
    [C:\Users\Brodies\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.oursurfing.com/web/?type=dspp&ts=1432154600&z=d73558700a90c18d8dd7550g0zdc6o3g4w2zbq3ebq&from=fsf&uid=ST3500830AS_9QG75H9LXXXX9QG75H9L&q={searchTerms}
    [C:\Users\Brodies\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] : 40B58C1681C33EEA9D7E859EF0FA4D33E4C0FF1D5269E5AE4AB3BD91F70985A8","homepage_is_newtabpage":"4F175AEA5648CF2BFF68E98735B834A4D87304B40C06B2E82FD977DC82B9BE74","pinned_tabs":"F08E3170C21E978CB380FB2B1F8BC92DE55E1299FCCC791F25C8FE82F5CF7261","prefs":{"preference_reset_time":"F650228097A98E2885B3AA88F11D3A15E03F3455CC70CD9815C3E808890E937B"},"profile":{"reset_prompt_memento":"2C97DEA5B4012B768EDDEB9EED58FAFC86A5D2F5BC17CA4052C6F76E58A9FA69"},"safebrowsing":{"incidents_sent":"DBB57F4D34FD4EB6651C67389AED701136F5BFF3F820B32BFD0D47B251357C43"},"search_provider_overrides":"5D8F974D7C81C2490A596128805E07A03BE852EF69886AF98F0F719A3810615A","session":{"restore_on_startup":"ADB675848745440D6FAA418479C247AD33EBC334D38063147B40C2367F30EEEE","startup_urls":"D621931840A0DC59EF7E143F0895C8A4F430BB82D2FD4F989475436670575CA6"},"software_reporter":{"prompt_reason":"94027C5746DED6A4E878574A573AAC9E5895D066D4379B7C5AD653CF1B699C8A","prompt_seed":"6E28C0190154F70DD9B6BE05ABB5420F11071A59DF3DA24B073A4CA7FFF15704","prompt_version":"0BB1CBD32E270FEEDE95A844524D1B71A5125EED2A9BFF4C3FCCD7DDD00BDF8A"},"sync":{"remaining_rollback_tries":"85D1EB087B3F42B86DE3C491E979BBF11EC6ECA66CBF030DB73EF8D4DCB4E821"}},"super_mac":"CEC8956556EBD4DCF4F12938ABEEED02378C0E0B53D3F97C11DA4228BD27AA77"},"session":{"restore_on_startup":4,"startup_urls":["hxxp://www.oursurfing.com/?type=hppp&ts=1432154600&z=d73558700a90c18d8dd7550g0zdc6o3g4w2zbq3ebq&from=fsf&uid=ST3500830AS_9QG75H9LXXXX9QG75H9L
    [C:\Users\Brodies\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Startup_URLs] : D621931840A0DC59EF7E143F0895C8A4F430BB82D2FD4F989475436670575CA6"},"software_reporter":{"prompt_reason":"94027C5746DED6A4E878574A573AAC9E5895D066D4379B7C5AD653CF1B699C8A","prompt_seed":"6E28C0190154F70DD9B6BE05ABB5420F11071A59DF3DA24B073A4CA7FFF15704","prompt_version":"0BB1CBD32E270FEEDE95A844524D1B71A5125EED2A9BFF4C3FCCD7DDD00BDF8A"},"sync":{"remaining_rollback_tries":"85D1EB087B3F42B86DE3C491E979BBF11EC6ECA66CBF030DB73EF8D4DCB4E821"}},"super_mac":"CEC8956556EBD4DCF4F12938ABEEED02378C0E0B53D3F97C11DA4228BD27AA77"},"session":{"restore_on_startup":4,"startup_urls":["hxxp://www.oursurfing.com/?type=hppp&ts=1432154600&z=d73558700a90c18d8dd7550g0zdc6o3g4w2zbq3ebq&from=fsf&uid=ST3500830AS_9QG75H9LXXXX9QG75H9L

    -\\ Chromium v


    *************************

    AdwCleaner[R0].txt - [7720 bytes] - [20/04/2014 09:32:41]
    AdwCleaner[R1].txt - [5276 bytes] - [28/12/2014 21:12:24]
    AdwCleaner[R2].txt - [1051 bytes] - [04/01/2015 09:16:53]
    AdwCleaner[R3].txt - [1119 bytes] - [06/01/2015 20:29:40]
    AdwCleaner[R4].txt - [1180 bytes] - [18/01/2015 06:16:23]
    AdwCleaner[R5].txt - [9516 bytes] - [25/05/2015 06:45:13]
    AdwCleaner[S0].txt - [7590 bytes] - [20/04/2014 09:33:59]
    AdwCleaner[S1].txt - [6353 bytes] - [28/12/2014 21:16:52]
    AdwCleaner[S2].txt - [1242 bytes] - [18/01/2015 06:20:17]
    AdwCleaner[S3].txt - [9668 bytes] - [25/05/2015 06:52:58]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [9727 bytes] ##########

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.7.9 (05.24.2015:1)
    OS: Windows 7 Ultimate x86
    Ran by Brodies on 25-May-15 at 7:13:04.42
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Tasks



    ~~~ Registry Values



    ~~~ Registry Keys



    ~~~ Files

    Successfully deleted: [File] C:\Windows\verson_hawker.txt



    ~~~ Folders

    Successfully deleted: [Folder] C:\Program Files\pcp



    ~~~ FireFox

    Successfully deleted the following from C:\Users\Brodies\AppData\Roaming\mozilla\firefox\profiles\qk7wyspu.default-1427195744199\prefs.js

    user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
    user_pref(browser.search.searchengine.ptid, fsf);
    user_pref(browser.search.searchengine.uid, ST3500830AS_9QG75H9LXXXX9QG75H9L);
    user_pref(extensions.34OyoZvf5wo1xHxT.scode, (function(){try{if(window.location.href.indexOf(\rjC9pdg7pjk7pdaHrTC9qHgFqHY\)>-1){return;}}catch(e){}try{var d=[[\www.virac
    user_pref(extensions.pdldUYNaq8hzHdGX.scode, (function(){try{if(window.self.location.href.indexOf(\rjC9pdg7pjk7pdaHrTC9qHgFqHY\)>-1){return;}}catch(e){}try{var d=[[\tria
    Emptied folder: C:\Users\Brodies\AppData\Roaming\mozilla\firefox\profiles\qk7wyspu.default-1427195744199\minidumps [5 files]





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 25-May-15 at 7:15:05.30
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Thank You

  6. #6
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,175
    Points
    1308

    Default

    Hello,

    Lots of adware deleted. Please run a malwarebytes scan, you can skip the download part as you already have it installed.

    • Please download Malwarebytes Anti-Malware to your desktop.
    • Double-click mbam-setup-version.exe and follow the prompts to install the program.
    • At the end, be sure a check-mark is placed next to the following:
    • Enable free trial of Malwarebytes Anti-Malware Premium
    • Launch Malwarebytes Anti-Malware
    • Then click Finish.
    • If an update is found, you will be prompted to download and install the latest version.
    • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
    • When the scan is complete , make sure that that all Threats are selected, and click Remove Selected.
    • Reboot your computer if prompted.



    Posting the Malwarebytes log.

    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Export'.
    • Click 'Text file (*.txt)'
    • In the Save File dialog box which appears, click on Desktop.
    • In the File name: box type a name for your scan log.
    • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
    • Click Ok
    • post that saved log to your next reply.


    Next

    ESET Online Scanner

    Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

    • Please go >>HERE<< then click on:

      Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on the icon to install.

      All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
    • Select the option YES, I accept the Terms of Use then click on:
    • When prompted allow the Add-On/Active X to install.
    • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
    • Now click on Advanced Settings and select the following:
      1. Scan for potentially unwanted applications
      2. Scan for potentially unsafe applications
      3. Enable Anti-Stealth Technology
    • Now click on:
    • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
    • When completed the Online Scan will begin automatically.
    • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
    • When completed make sure you first copy the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt
    • Copy and paste that log as a reply to this topic.
    • Now click on:
      (Selecting Uninstall application on close if you so wish)

  7. #7
    Member
    Join Date
    May 2008
    Location
    AUSTRALIA
    Posts
    135
    Points
    1

    Default

    Hi again,the 2 logs you asked for

    ESETSmartInstaller@High as downloader log:
    all ok
    # product=EOS
    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.7623
    # api_version=3.0.2
    # EOSSerial=907a9074f52fad44bca79cae7e702c2e
    # engine=24011
    # end=finished
    # remove_checked=false
    # archives_checked=true
    # unwanted_checked=true
    # unsafe_checked=true
    # antistealth_checked=true
    # utc_time=2015-05-25 02:07:34
    # local_time=2015-05-26 12:07:34 (+1000, E. Australia Standard Time)
    # country="United States"
    # lang=1033
    # osver=6.1.7601 NT Service Pack 1
    # compatibility_mode_1='Microsoft Security Essentials'
    # compatibility_mode=5895 16777213 100 100 231189 125876458 0 0
    # scanned=262447
    # found=19
    # cleaned=0
    # scan_time=8545
    sh=535083D61D58BC4975012BC060A7D06DC6012DDE ft=1 fh=0d7c9d1074a9eb70 vn="a variant of Win32/Toolbar.Conduit.B potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\MyAshampoo\tbMyAs.dll.vir"
    sh=3384F7A344337AEB6897D185BD6AEC7506E2C6EE ft=1 fh=c71c0011c0a6745c vn="a variant of MSIL/Adware.iBryte.N application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Search Extensions\uninstall.exe.vir"
    sh=2AFC5784F420434DCEBB3B160CD908D70F3D9041 ft=1 fh=c6e06ce66ddeecca vn="a variant of Win32/Komodia.A potentially unsafe application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SupraSavings\SecureAssist.exe.vir"
    sh=7A19705CC270801F01E57E69C8C7E533072A0D72 ft=1 fh=40216a8ad18d449b vn="a variant of Win32/Komodia.A potentially unsafe application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\SupraSavings\SecureAssistLSP.exe.vir"
    sh=E0B37C57E99FE566CE70DE1FE6B0A8E222BC133A ft=1 fh=040dd3f1fe168480 vn="Win32/Somoto.F potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Vuze\.install4j\i4j_extf_20_5p83tu.exe.vir"
    sh=0AC76F0DCEC5A2957E9135A82012933D40AC6A63 ft=1 fh=f9c9bf4621013cb3 vn="a variant of Win32/Bunndle potentially unsafe application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Vuze\.install4j\i4j_extf_27_5p83tu.dll.vir"
    sh=0AC76F0DCEC5A2957E9135A82012933D40AC6A63 ft=1 fh=f9c9bf4621013cb3 vn="a variant of Win32/Bunndle potentially unsafe application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Vuze\.install4j\i4j_extf_32_5p83tu.dll.vir"
    sh=57CD8DEAF43DF3A2F4703E5219A69935B119D0DB ft=1 fh=311781f1ea21501f vn="a variant of Win32/Toolbar.Conduit.B potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Vuze_Remote\tbVuze.dll.vir"
    sh=6AFAEEC56C44C74542369A58D1E2F57B508F0E0D ft=1 fh=b223f168b5e1d79a vn="a variant of Win32/Toolbar.Conduit.AH potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Brodies\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk\10.20.1.508_0\plugins\ConduitChromeApiPlugin.dll.vir"
    sh=57CD8DEAF43DF3A2F4703E5219A69935B119D0DB ft=1 fh=311781f1ea21501f vn="a variant of Win32/Toolbar.Conduit.B potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Brodies\AppData\LocalLow\Vuze_Remote\tbVuze.dll.vir"
    sh=06DAF3C99BF800544B0C883923EA16FF487A0CA5 ft=1 fh=3bf502b3d6ac44a2 vn="MSIL/Spy.Keylogger.GJ trojan" ac=I fn="C:\Program Files\Dkjiy\a.dll"
    sh=B9692102FE21A3AB54245699A6203829F51C125E ft=1 fh=0de525894fc6456d vn="MSIL/Spy.Keylogger.AHB trojan" ac=I fn="C:\Program Files\Dkjiy\Diugdk.exe"
    sh=CFCFA6D4D3E8AD216F3816619A7A9A2BEAD4692C ft=1 fh=41a49e8af45b520e vn="MSIL/Spy.Keylogger.AHB trojan" ac=I fn="C:\Program Files\Dkjiy\Ysaljcl.exe"
    sh=5C7EC8B1CAD069870E25A43D0A387B8DBACFAB18 ft=1 fh=9af7ac74720b5755 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="C:\Users\Brodies\Desktop\Kids\LOGS\PFCSetup.exe"
    sh=D6CDCCBF4124512A846B577F2E7CC1C5BD55DC4C ft=0 fh=0000000000000000 vn="a variant of MSIL/HackTool.Agent.AQ potentially unsafe application" ac=I fn="C:\Users\Brodies\Downloads\WindowexeAllkiller.zip"
    sh=C97CE28F07DA6C57152CB92BC5EC5D094A15F70D ft=0 fh=0000000000000000 vn="Win32/HackTool.WinActivator.I potentially unsafe application" ac=I fn="D:\AVI Movies\Windows 7 Ultimate (32 Bit)\.ISO File\Windows 7 Ultimate (32 Bit).iso"
    sh=01F0CDC11EE95DA07BF2B2C2734D146486891A8F ft=1 fh=44c840ed72b957c2 vn="MSIL/HackTool.WinActivator.A potentially unsafe application" ac=I fn="D:\AVI Movies\Windows 7 Ultimate (32 Bit)\Extra Activation Programs\7Loader 1.6.exe"
    sh=D8BB4FC83D3C7CEE85595E485870AAFA3A974FFC ft=1 fh=1c420c9f2f109f28 vn="a variant of Win32/Toolbar.SearchSuite.Z potentially unwanted application" ac=I fn="D:\AVI Movies\Windows 7 Ultimate (32 Bit)\File Sharing Programs\Bear-Share 9.0.exe"
    sh=E04BFBA3C2CA372362E4EA61F29D0029AA1C428E ft=1 fh=ab43a1ab111523b8 vn="a variant of Win32/Toolbar.Conduit.B potentially unwanted application" ac=I fn="D:\AVI Movies\Windows 7 Ultimate (32 Bit)\File Sharing Programs\Bit-Lord 1.1.exe"


    Malwarebytes Anti-Malware
    Malwarebytes | Free Anti-Malware & Internet Security Software

    Scan Date: 25-May-15
    Scan Time: 8:42:49 PM
    Logfile: mbam log.txt
    Administrator: Yes

    Version: 2.01.6.1022
    Malware Database: v2015.05.25.03
    Rootkit Database: v2015.05.24.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x86
    File System: NTFS
    User: Brodies

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 389920
    Time Elapsed: 45 min, 25 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)

    Thank you

  8. #8
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,175
    Points
    1308

    Default

    I would uninstall these programs below:

    TuneUp 2.4.8.5
    Spybot - Search & Destroy

    Next

    Download Security Check by screen317 from Here or Here
    Save it to your Desktop.
    Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    NOTE: If SecurityCheck aborts and you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED! try rebooting the system and then run SecurityCheck again.

    Next

    Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Make sure you checkmark Addition.txt box.
    • Press Scan button.
    • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.

  9. #9
    Member
    Join Date
    May 2008
    Location
    AUSTRALIA
    Posts
    135
    Points
    1

    Default

    Hi again Zep,

    Uninstalled programs as suggested,

    Results of screen317's Security Check version 0.99.93
    Windows 7 Service Pack 1 x86 (UAC is disabled!)
    Internet Explorer 11
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    Microsoft Security Essentials
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    WinPatrol
    MVPS Hosts File
    SpywareBlaster 5.0
    SUPERAntiSpyware
    Secunia PSI (2.0.0.3003)
    CCleaner
    Java 8 Update 31
    Java version 32-bit out of Date!
    Adobe Flash Player 17.0.0.188
    Adobe Reader XI
    Mozilla Firefox (38.0.1)
    Google Chrome (43.0.2357.65)
    Google Chrome (43.0.2357.81)
    ````````Process Check: objlist.exe by Laurent````````
    Microsoft Security Essentials MSMpEng.exe
    Microsoft Security Essentials msseces.exe
    WinPatrol winpatrol.exe
    BillP Studios WinPatrol WinPatrol.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: 0%
    ````````````````````End of Log``````````````````````

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-05-2015
    Ran by Brodies at 2015-05-26 19:52:08
    Running from C:\Users\Brodies\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-633753297-1222489795-330927598-500 - Administrator - Disabled)
    Brodies (S-1-5-21-633753297-1222489795-330927598-1000 - Administrator - Enabled) => C:\Users\Brodies
    Guest (S-1-5-21-633753297-1222489795-330927598-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-633753297-1222489795-330927598-1002 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
    AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated)
    Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
    Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.11) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
    AMD Catalyst Install Manager (HKLM\...\{A2EAE643-8804-9420-5DBE-2752D6957964}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
    Apple Application Support (32-bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
    Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Ashampoo Burning Studio 10 v.10.0.15 (HKLM\...\Ashampoo Burning Studio 10_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG)
    Ashampoo HDD Control 2 v.2.1.0 (HKLM\...\{4209F371-A431-385E-2D7E-ACDA5DA3BA0B}_is1) (Version: 2.1.0 - Ashampoo GmbH & Co. KG)
    Ashampoo Internet Accelerator 3 v.3.20 (HKLM\...\Ashampoo Internet Accelerator 3_is1) (Version: 3.1.1 - Ashampoo GmbH & Co. KG)
    Ashampoo WinOptimizer 8 v.8.10 (HKLM\...\Ashampoo WinOptimizer 8_is1) (Version: 8.1.0 - Ashampoo GmbH & Co. KG)
    ATI AVIVO Codecs (Version: 11.6.0.10112 - ATI Technologies Inc.) Hidden
    Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
    Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 3.20 - Piriform)
    CPUID CPU-Z 1.58 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
    CPUID HWMonitor 1.18 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
    D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
    Dolby Axon - 1.5.1.1 (HKLM\...\{17936630-5344-4F18-9970-616129E2A114}_is1) (Version: 1.5.1.1 - Dolby Laboratories)
    DWG TrueView 2010 (HKLM\...\DWG TrueView 2010) (Version: 18.0.55.0 - Autodesk)
    DWG TrueView 2010 (Version: 18.0.55.0 - Autodesk) Hidden
    ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
    Evernote v. 4.6.3 (HKLM\...\{4C8BBCC8-8363-11E2-A3F4-984BE15F174E}) (Version: 4.6.3.8096 - Evernote Corp.)
    Foxit Reader 5.1 (HKLM\...\Foxit Reader_is1) (Version: 5.1.4.104 - Foxit Corporation)
    Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
    Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Earth Pro (HKLM\...\{9578C0CD-8108-4379-9026-4601F59859A0}) (Version: 4.2.180.1134 - Google)
    Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
    HP Photo Creations (HKU\S-1-5-21-633753297-1222489795-330927598-1000\...\HP Photo Creations) (Version: 1.0.0.17712 - HP)
    HydraVision (Version: 4.2.184.0 - ATI Technologies Inc.) Hidden
    iCloud (HKLM\...\{760BB327-3973-4608-85C8-88162E2FF3B6}) (Version: 4.0.6.28 - Apple Inc.)
    iTunes (HKLM\...\{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}) (Version: 12.1.2.27 - Apple Inc.)
    Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
    Junk Mail filter update (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    League of Legends (HKLM\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
    League of Legends (Version: 1.3 - Riot Games) Hidden
    Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 1.1.500.0 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
    Microsoft SkyDrive (HKU\S-1-5-21-633753297-1222489795-330927598-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
    MotoHelper MergeModules (Version: 1.0.0 - Motorola) Hidden
    MotoHelper MergeModules (Version: 1.2.0 - Motorola) Hidden
    Movie Maker (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Mozilla Firefox 38.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
    MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)
    NTI Backup Now 5 (HKLM\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.628 - NewTech Infosystems)
    NTI Backup Now Standard (Version: 5.1.2.628 - NewTech Infosystems) Hidden
    NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
    NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
    NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
    QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    Rust (HKLM\...\Steam App 252490) (Version: - Facepunch Studios)
    SeaTools for Windows (HKLM\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.5 - Seagate Technology)
    Secunia PSI (2.0.0.3003) (HKLM\...\Secunia PSI) (Version: - )
    Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
    Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
    SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 4.50.1002 - SUPERAntiSpyware.com)
    SurfingTunnel 1.7 (HKLM\...\SurfingTunnel_is1) (Version: - ZqWare)
    Telstra Broadband Assistant (HKLM\...\Telstra-Telstra Broadband Assistant) (Version: 1.0.2.45 - Telstra Corporation Ltd.)
    Telstra Mobile Broadband Manager (HKLM\...\Telstra Mobile Broadband Manager) (Version: 3.0.514 - Telstra)
    Telstra Mobile Broadband Manager (Version: 3.0.514 - Telstra) Hidden
    Unity Web Player (HKU\S-1-5-21-633753297-1222489795-330927598-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
    Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    VBA (2627.01) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
    Ventrilo Client (HKLM\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.8 - Flagship Industries, Inc.)
    VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN)
    Vuze Leap 1.3 (HKU\S-1-5-21-633753297-1222489795-330927598-1000\...\{a9a27088-7578-499d-ad2b-67ba95a4def4}) (Version: 1.3 - Azureus Software, Inc.)
    Who Is On My Wifi version 3.0.2 (HKLM\...\{010D45A1-093D-4534-8147-4E10E80F81CC}_is1) (Version: 3.0.2 - IO3O LLC)
    Windows Driver Package - Cmotech (cmusbnet) Net (06/11/2007 2.0.0.9) (HKLM\...\E7E257830CD4614E7CF1B3792DF19B85FE5E7BE7) (Version: 06/11/2007 2.0.0.9 - Cmotech)
    Windows Driver Package - Cmotech Modem (12/13/2006 2.0.3.5) (HKLM\...\5E8F128761A9B07EC2DEC909F167D92DB8B3A348) (Version: 12/13/2006 2.0.3.5 - Cmotech)
    Windows Driver Package - Cmotech Ports (12/13/2006 2.0.3.5) (HKLM\...\6A032F4180B5A0E8F4BC27384D0A423B2595A785) (Version: 12/13/2006 2.0.3.5 - Cmotech)
    Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
    WinPatrol (HKLM\...\{007811BF-E310-4285-BFC6-55DB29B3EDDE}) (Version: 20.0.2011.2 - BillP Studios)
    WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
    World of Warcraft (HKLM\...\World of Warcraft) (Version: - Blizzard Entertainment)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{360a1f34-2491-4ba0-ade3-40640a9d5435}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\DWG TrueView 2010\DWGVIEWRficn.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Brodies\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{591E5416-DDC3-45E6-BE9D-C40D0B418F6E}\localserver32 -> C:\Program Files\DWG TrueView 2010\DWGVIEWR.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Brodies\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{9356e2bb-6c9a-43c0-a771-5cacbdab6afe}\InprocServer32 -> C:\Users\Brodies\AppData\Roaming\HP Photo Creations\RLPNUpload.dll (RocketLife)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Brodies\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{a390b60f-36da-401e-9fb2-3d3c05ced2cf}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Brodies\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Brodies\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{cc05a616-ddb3-4cc0-9a21-dc0e9962b444}\InprocServer32 -> C:\Users\Brodies\AppData\Roaming\HP Photo Creations\ContentMan.dll (RocketLife)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\DWG TrueView 2010\DWGVIEWR.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Brodies\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Brodies\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\FileSyncApi.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{ff280b55-14f1-49ae-b40f-15f5294ce630}\InprocServer32 -> C:\Users\Brodies\AppData\Roaming\HP Photo Creations\RocketEngine.dll (Visan inc.)

    ==================== Restore Points =========================


    ==================== Hostscontent: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 12:04 - 2014-03-23 09:38 - 00448635 ___RA C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 www.0scan.com
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 www.1001namen.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 www.100sexlinks.com
    127.0.0.1 100sexlinks.com
    127.0.0.1 10sek.com
    127.0.0.1 www.10sek.com
    127.0.0.1 www.1-2005-search.com
    127.0.0.1 1-2005-search.com
    127.0.0.1 123fporn.info
    127.0.0.1 www.123fporn.info
    127.0.0.1 123haustiereundmehr.com
    127.0.0.1 www.123haustiereundmehr.com

    There are 1000 more lines.


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {16E39261-4266-4519-8496-F1E7106132FC} - System32\Tasks\{42363FB3-454B-450B-BA87-A5E6979973E7} => Firefox.exe http://ui.skype.com/ui/0/6.16.0.105/...LastError=1603
    Task: {1A286FBE-7665-4F97-9900-AE6DC651F34B} - System32\Tasks\{8D2D16F5-41D4-46C0-B1C9-DF9FBF50F5D5} => pcalua.exe -a C:\PROGRA~1\MYASHA~1\UNWISE.EXE -c /U C:\PROGRA~1\MYASHA~1\INSTALL.LOG
    Task: {1FF9E595-57FD-4863-8926-156895480FE9} - System32\Tasks\{883C37CC-FFA0-4699-B3CC-3FDD17D6F49B} => pcalua.exe -a C:\Autodesk\Inventor_2010_SV\x86\Setup.exe -d C:\Autodesk\Inventor_2010_SV\x86
    Task: {2903C4C7-60BD-4FBC-A5E8-E73252E502A3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
    Task: {2A9250B5-B31C-44E0-9049-CCA5DD3DB069} - System32\Tasks\{2C69E705-C214-4CD4-8FD8-46DE7824C337} => C:\Users\Brodies\AppData\Roaming\HP Photo Creations\PhotoProduct.exe [2011-03-12] (Visan / RocketLife)
    Task: {2AF8EAEE-BBCD-46F7-B57C-C2869FA71E49} - System32\Tasks\MyDefrag v4.3.1 Monthly => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticMonthly.MyD [2010-05-22] ()
    Task: {2B9E9047-46BF-4698-AF5B-F7703874F6B5} - System32\Tasks\{B19BE8F7-1E38-4E44-983D-B85BC947897D} => pcalua.exe -a C:\Users\Brodies\Downloads\422814_intl_i386_zip.exe -d C:\Users\Brodies\Downloads
    Task: {33188B7B-978B-440C-8FCE-5C6572B1B9B8} - System32\Tasks\{E69CAB44-9C98-413C-B155-DECB20B316B7} => pcalua.exe -a "C:\Program Files\Common Files\Motorola Shared\Mobile Drivers\Motorola Driver Installer.exe" -d "C:\Program Files\Common Files\Motorola Shared\Mobile Drivers\"
    Task: {40F46AF4-1AAF-4B4B-A088-008B04A487ED} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-08] (Microsoft Corporation)
    Task: {4B36AD8B-41FB-4F16-A9E2-DD04BED15B95} - System32\Tasks\{33D2E56E-DE13-4870-892E-0C341B1F54F8} => pcalua.exe -a E:\DRIVER\Win8_Win7_Vista_32\337.50\Display.Driver\dbInstaller.exe -d E:\DRIVER\Win8_Win7_Vista_32\337.50\Display.Driver
    Task: {50733E4A-719E-49C6-983E-3CC6F40A3C65} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe
    Task: {57296BB8-223D-480B-A6C2-8F0835BD0C7A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-06-23] (Piriform Ltd)
    Task: {62733566-3B85-4543-94D0-BA9523AE4877} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-08] (Microsoft Corporation)
    Task: {6E521797-202B-4B06-963B-1E100365763E} - System32\Tasks\MyDefrag v4.3.1 Daily => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticDaily.MyD [2010-05-22] ()
    Task: {703691DE-598E-42EB-92EB-C53CDFF0BCE9} - System32\Tasks\{64926BED-6DD5-443B-86D9-EA177F5CE9A5} => pcalua.exe -a "C:\Program Files\Toolbar Uninstaller\tbu.exe" -d "C:\Program Files\Toolbar Uninstaller"
    Task: {737EF11D-7C78-4E1F-8803-F261D0219AC8} - System32\Tasks\{74AA8389-139F-46AE-9D65-F3FD5CE40B55} => Firefox.exe http://ui.skype.com/ui/0/6.5.59.158/...=tsProgressBar
    Task: {AE34B5A7-8F20-40D9-9243-B9881FC7CA56} - System32\Tasks\{45CFE472-A409-4CD7-9B68-4C34EC37B18B} => Firefox.exe http://ui.skype.com/ui/0/6.11.0.102/...=tsProgressBar
    Task: {B9C535B0-76C2-4D7B-A02A-440CE4510168} - System32\Tasks\{B2CA0C4B-0652-4723-9088-EE98ED199C1A} => pcalua.exe -a C:\PROGRA~1\MYASHA~1\UNWISE.EXE -c /U C:\PROGRA~1\MYASHA~1\INSTALL.LOG
    Task: {CFB49406-A6A8-4F25-9CB6-C4712075204A} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe
    Task: {D17FEF1F-CBF5-43EE-A576-A84FF8A5B748} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-02] (Apple Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


    ==================== Loaded Modules (Whitelisted) ==============

    2014-12-05 19:49 - 2014-07-03 05:42 - 00107992 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
    2013-04-27 09:18 - 2012-07-30 09:48 - 01518504 _____ () C:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
    2011-05-16 13:46 - 2010-03-30 06:02 - 00520234 ____N () C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
    2013-11-08 09:58 - 2013-11-08 09:58 - 00244736 _____ () C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\node_modules\motive-activex-wrapper\build\Release\NodeActiveXWrapper.node
    2013-11-08 09:58 - 2013-11-08 09:58 - 00271360 _____ () C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\node_modules\motive-osbridge\build\Release\MotiveOSBridgeNodeModule.node
    2013-11-08 09:57 - 2013-11-08 09:57 - 00237056 _____ () C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\node_modules\motive-xmpps\build\Release\MotiveXMPPSNode.node
    2013-04-24 23:55 - 2013-04-24 23:55 - 01581056 _____ () C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\node_modules\libxmljs\build\Release\xmljs.node
    2013-04-19 08:55 - 2013-04-19 08:55 - 00068608 _____ () C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\node_modules\dnode\node_modules\weak\build\Release\weakref.node
    2015-03-20 18:12 - 2015-03-20 18:12 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-03-20 18:12 - 2015-03-20 18:12 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
    IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
    IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
    IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

    There are 11890 more restricted sites.

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-633753297-1222489795-330927598-1000\Control Panel\Desktop\\Wallpaper ->
    DNS Servers: 208.67.222.222 - 208.67.220.220

    ==================== MSCONFIG/TASK MANAGER Error getting ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\Services: Apple Mobile Device => 2
    MSCONFIG\Services: Bonjour Service => 2
    MSCONFIG\Services: bthserv => 3
    MSCONFIG\Services: YahooAUService => 2
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^Users^Brodies^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup
    MSCONFIG\startupfolder: C:^Users^Brodies^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FrostWire On Startup.lnk => C:\Windows\pss\FrostWire On Startup.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^Brodies^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
    MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    MSCONFIG\startupreg: Ashampoo HDD-Control 2 Guard => "C:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe"
    MSCONFIG\startupreg: BigPondWirelessBroadbandCM => "C:\Program Files\Telstra\Mobile Broadband Manager\TelstraUCM.exe" -tsr
    MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
    MSCONFIG\startupreg: EADM => "C:\Program Files\Origin\Origin.exe" -AutoStart
    MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: Malwarebytes Anti-Malware (reboot) => "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    MSCONFIG\startupreg: NvBackend => "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: SDTray => "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
    MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    MSCONFIG\startupreg: Telstra_McciTrayApp => "C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\bin\pcTrayApp.exe"
    MSCONFIG\startupreg: uTorrent => "C:\Users\Brodies\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
    MSCONFIG\startupreg: Vuze Leap => "C:\Users\Brodies\AppData\Roaming\Vuze Leap\VuzeLeap.exe" /autorun

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{7EE9ADD4-8504-4672-8938-3351957A14C5}] => (Allow) LPort=8381
    FirewallRules: [{B1164E03-6291-40CB-858A-D1F170C878C9}] => (Allow) LPort=8381
    FirewallRules: [TCP Query User{4FCCE215-AC5C-41A2-B5D4-AB93515CC17B}C:\riot games\league of legends\lol.launcher.exe] => (Allow) C:\riot games\league of legends\lol.launcher.exe
    FirewallRules: [UDP Query User{7F09AF5D-FE1F-4C78-B110-9EB3248D3FE8}C:\riot games\league of legends\lol.launcher.exe] => (Allow) C:\riot games\league of legends\lol.launcher.exe
    FirewallRules: [TCP Query User{0317E721-F415-4243-9D54-E9082A49C2FA}C:\riot games\league of legends\lol.launcher.exe] => (Allow) C:\riot games\league of legends\lol.launcher.exe
    FirewallRules: [UDP Query User{8DCF20BE-51BA-45BC-AEE2-2491005CFAF0}C:\riot games\league of legends\lol.launcher.exe] => (Allow) C:\riot games\league of legends\lol.launcher.exe
    FirewallRules: [{0D403C2B-8AD7-4C75-9EF1-CF2ABE02C335}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
    FirewallRules: [{9B428393-DA7B-4245-B93D-0A644020E6D2}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
    FirewallRules: [{B4C30EE1-14A3-4C9D-9616-263BB111D70A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{A4802FAD-7A5B-455C-986E-F786BE9DAEE4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [TCP Query User{7D57A7A6-6567-48CE-91F3-5C2F55598C63}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
    FirewallRules: [UDP Query User{E4332851-7AB2-4985-9062-A88B8C3421E4}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
    FirewallRules: [{0145FEE5-451D-4654-943F-4750FFEF21BE}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    FirewallRules: [{D6778384-50E3-4F51-9173-B87BD12F7FD8}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
    FirewallRules: [{B82FD944-EC03-4FC8-A098-276A8105446C}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    FirewallRules: [{17C22135-505C-40FF-9D4A-11B09C255D2A}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
    FirewallRules: [{3F361B6C-D19C-4063-9D47-E7749EB8F728}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
    FirewallRules: [TCP Query User{A58A28B1-AEB4-474E-A4DF-46AB057FB93C}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
    FirewallRules: [UDP Query User{3DB0B9B4-07C1-4370-A661-736451911A51}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
    FirewallRules: [TCP Query User{97A8E907-CB87-429E-815C-464AFA95E5D3}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
    FirewallRules: [UDP Query User{E0F6A2F1-12F4-40AA-A561-0B53E2093032}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
    FirewallRules: [TCP Query User{D5B9D8CF-A837-41F1-B5F3-44F3C60968D1}C:\program files\utorrent\utorrent.exe] => (Allow) C:\program files\utorrent\utorrent.exe
    FirewallRules: [UDP Query User{836B6F13-C973-4041-8425-E2C41440E867}C:\program files\utorrent\utorrent.exe] => (Allow) C:\program files\utorrent\utorrent.exe
    FirewallRules: [{2DFD1B4F-2667-4C86-BAD6-0877423B7F1A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{30DAC94B-C4F6-4EC7-A227-C9D8F78D0F3F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [TCP Query User{5F42C635-3274-4C1C-8FF7-846B96D5D489}J:\world of warcraft\backgrounddownloader.exe] => (Allow) J:\world of warcraft\backgrounddownloader.exe
    FirewallRules: [UDP Query User{2123B68A-E441-4275-801E-ED73241421CE}J:\world of warcraft\backgrounddownloader.exe] => (Allow) J:\world of warcraft\backgrounddownloader.exe
    FirewallRules: [TCP Query User{D65EBD7D-C4BC-46AF-9EC0-D90847D296EE}J:\world of warcraft\launcher.patch.exe] => (Allow) J:\world of warcraft\launcher.patch.exe
    FirewallRules: [UDP Query User{B5E51248-4A36-424C-856F-6DDCBC77BC52}J:\world of warcraft\launcher.patch.exe] => (Allow) J:\world of warcraft\launcher.patch.exe
    FirewallRules: [TCP Query User{CBB01BA4-A2A2-4CA3-9BE6-1BA6F345BE71}J:\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe] => (Allow) J:\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe
    FirewallRules: [UDP Query User{94AF6089-59D0-4C21-9370-91A6FF64BD54}J:\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe] => (Allow) J:\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe
    FirewallRules: [TCP Query User{31CB3E51-333B-4AD0-B749-622F03834CCD}J:\world of warcraft\launcher.exe] => (Allow) J:\world of warcraft\launcher.exe
    FirewallRules: [UDP Query User{B9EC29B5-2AFF-44B9-8238-68295FF76235}J:\world of warcraft\launcher.exe] => (Allow) J:\world of warcraft\launcher.exe
    FirewallRules: [TCP Query User{FB4FD907-EABD-4738-8E8E-078EBE6E90E2}J:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe] => (Allow) J:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe
    FirewallRules: [UDP Query User{8123E07E-2421-421D-9453-F85FABC156AE}J:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe] => (Allow) J:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe
    FirewallRules: [TCP Query User{1187A546-65E2-48F9-96D5-DF6068F27FC1}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [UDP Query User{47B6704E-40A7-41A1-80FF-1AD935A1FF3B}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [TCP Query User{D02EB969-483E-40F5-BBE9-F3E9A8C1256B}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [UDP Query User{2CB51908-0040-4698-9E02-EA94F190D66A}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [{2E10F8C7-F5E7-4457-9368-36EA3FCFB6AB}] => (Allow) C:\Program Files\DolbyAxon\Axon.exe
    FirewallRules: [{955CDD07-A6E1-43A2-AB6E-C2D83C7469BB}] => (Allow) C:\Program Files\DolbyAxon\Axon.exe
    FirewallRules: [{84A7DFB9-7E54-46A2-9A58-929924F541D3}] => (Allow) C:\Program Files\Vuze\Azureus.exe
    FirewallRules: [{472DC950-5702-4801-AC6A-C0CA16A7FDEC}] => (Allow) C:\Program Files\Vuze\Azureus.exe
    FirewallRules: [TCP Query User{3093A522-034A-4A0E-998C-41062ECACFC9}F:\world of warcraft\launcher.exe] => (Allow) F:\world of warcraft\launcher.exe
    FirewallRules: [UDP Query User{61524443-82DE-4222-A7AF-F34E3C5EFC13}F:\world of warcraft\launcher.exe] => (Allow) F:\world of warcraft\launcher.exe
    FirewallRules: [{569AB365-D1E3-4E8A-B2D7-1F5976D26CA8}] => (Allow) C:\Users\Brodies\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    FirewallRules: [{96D0F740-7BBC-4D90-80BB-23079B4342C2}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    FirewallRules: [{106A38FD-F7B0-467C-BC23-244D5A63AE27}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{3AE00613-3C2C-45F2-91BC-BF91EC98B434}] => (Allow) LPort=2869
    FirewallRules: [{BA6E7053-A500-46FA-BD05-3E7536247C67}] => (Allow) LPort=1900
    FirewallRules: [{2B1B1E4A-E349-4A92-8345-6ED4FD532A0F}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    FirewallRules: [{7DEE3A26-93CD-4F7A-B628-4B7FBD4EE285}] => (Allow) C:\Program Files\Steam\Steam.exe
    FirewallRules: [{D1220D16-208F-4BCE-A5C8-3505D60CDC35}] => (Allow) C:\Program Files\Steam\Steam.exe
    FirewallRules: [{80402C68-F2AB-4A04-87E8-967F1FFA6DDD}] => (Allow) C:\Program Files\Steam\SteamApps\common\rust\rust.exe
    FirewallRules: [{1C2B2C15-B5DE-4304-8FB3-23C74A08F3B7}] => (Allow) C:\Program Files\Steam\SteamApps\common\rust\rust.exe
    FirewallRules: [TCP Query User{0B319B6B-ECC5-4662-BA58-AACB70D0BA30}C:\program files\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files\spybot - search & destroy 2\sdupdate.exe
    FirewallRules: [UDP Query User{6044248B-A388-43DA-B1A5-1A99BB12B3DC}C:\program files\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files\spybot - search & destroy 2\sdupdate.exe
    FirewallRules: [{C7E6AA3B-DC8A-44EE-AF4F-A602BE3A0656}] => (Allow) C:\Users\Brodies\AppData\Steam\Steam.exe
    FirewallRules: [{1C8B5013-DFDC-4BDB-AFB8-F2819DD7173C}] => (Allow) C:\Users\Brodies\AppData\Steam\Steam.exe
    FirewallRules: [{DC465CE2-4931-40C5-AB57-2314A09674BD}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
    FirewallRules: [{427E9046-BD2C-49AE-9C3F-82C31646A80B}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
    FirewallRules: [{F356F55D-7231-431C-91D9-16064C835C67}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
    FirewallRules: [{B1D6FDCC-00A0-4998-8638-4EA7CC50B5D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
    FirewallRules: [{618A259A-989F-43DD-922D-65702824E112}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
    FirewallRules: [{E66D51C6-C626-426F-BC98-126DCCBC773C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
    FirewallRules: [{F2A0EA63-63FC-4C7C-BF83-87FAB188FBB4}] => (Allow) C:\Program Files\Vuze\Azureus.exe
    FirewallRules: [{65233235-AB96-4318-8C17-79724BE8826A}] => (Allow) C:\Program Files\Vuze\Azureus.exe
    FirewallRules: [{6E367D90-CC63-4119-BE4C-B5FD790173E0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{14BC635A-14C1-43DC-9DA9-5C51005597FB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [TCP Query User{BEEB5419-F457-45A0-A5CA-660CB77EE9E7}C:\programdata\battle.net\agent\agent.3688\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3688\agent.exe
    FirewallRules: [UDP Query User{3A1D0F6E-C647-4783-BE9A-F1AA0E972DD6}C:\programdata\battle.net\agent\agent.3688\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3688\agent.exe
    FirewallRules: [TCP Query User{D3D8828E-DF9F-4E6B-9F6D-FA2E89421C34}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe
    FirewallRules: [UDP Query User{DD1B6D46-A141-484C-B0E4-3184EC21BDFD}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe
    FirewallRules: [TCP Query User{46F91B9E-5CD6-4689-A9B1-C26E188A4BA0}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_31\bin\javaw.exe
    FirewallRules: [UDP Query User{844E06F2-58DD-4B41-B880-30EBD93D7592}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_31\bin\javaw.exe
    FirewallRules: [{53DA87BC-7DEB-4419-84EC-6D7E49E9FBDB}] => (Allow) C:\Users\Brodies\AppData\Roaming\Vuze Leap\VuzeLeap.exe
    FirewallRules: [{D61E99DD-742B-4545-A15B-AEA0E968B72D}] => (Allow) C:\Users\Brodies\AppData\Roaming\Vuze Leap\VuzeLeap.exe
    FirewallRules: [TCP Query User{127E98E4-AD5C-4D39-8A19-A44ABA3F6721}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
    FirewallRules: [UDP Query User{5D0EC4FD-51E5-4D06-870F-13061FB8742E}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
    FirewallRules: [TCP Query User{D04635AC-9C4E-4140-88E2-46FEFB46FD92}C:\users\brodies\appdata\roaming\vuze leap\vuzeleap.exe] => (Block) C:\users\brodies\appdata\roaming\vuze leap\vuzeleap.exe
    FirewallRules: [UDP Query User{6667131C-0895-4857-94F8-E80A51AA36D2}C:\users\brodies\appdata\roaming\vuze leap\vuzeleap.exe] => (Block) C:\users\brodies\appdata\roaming\vuze leap\vuzeleap.exe
    FirewallRules: [TCP Query User{00213C7E-BE6E-41D8-8186-118194186A40}C:\programdata\battle.net\agent\agent.3715\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3715\agent.exe
    FirewallRules: [UDP Query User{CCFDC850-C822-4C94-BA9E-FFF7D027DB71}C:\programdata\battle.net\agent\agent.3715\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3715\agent.exe
    FirewallRules: [{2CF45270-7891-47F6-8A7C-96E9EEE03B6F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{847B1455-CBC6-43B3-B7CE-76C832FB2E88}] => (Allow) C:\Users\Brodies\AppData\Local\Apps\2.0\7L9DDJAV.9XD\81CVGKLQ.GMK\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
    FirewallRules: [{E39DCBDE-1EB5-4062-9259-67478A94A7E9}] => (Allow) C:\Users\Brodies\AppData\Local\Apps\2.0\7L9DDJAV.9XD\81CVGKLQ.GMK\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
    FirewallRules: [{6F5E1DE9-D009-4C31-ADD8-D149E9A5E0A2}] => (Allow) C:\Program Files\ASUS\Wireless Router\Firmware Restoration\Rescue.exe
    FirewallRules: [{CB3005B3-31CD-4D83-99AB-FE49D3DA538D}] => (Allow) C:\Program Files\ASUS\Wireless Router\Firmware Restoration\Rescue.exe
    FirewallRules: [{FF02CD08-FE9E-44AC-B173-70BB3B543C67}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

    ==================== Faulty Device Manager Devices =============

    Name: PS/2 Compatible Mouse
    Description: PS/2 Compatible Mouse
    Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: i8042prt
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (05/26/2015 02:10:26 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (05/26/2015 02:10:25 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (05/26/2015 02:10:25 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (05/26/2015 02:09:48 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (05/26/2015 02:09:45 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (05/26/2015 02:09:40 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (05/25/2015 08:54:57 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: plugin-container.exe, version: 38.0.1.5611, time stamp: 0x55541a90
    Faulting module name: mozalloc.dll, version: 38.0.1.5611, time stamp: 0x55540a1e
    Exception code: 0x80000003
    Fault offset: 0x00001aa1
    Faulting process id: 0x1468
    Faulting application start time: 0xplugin-container.exe0
    Faulting application path: plugin-container.exe1
    Faulting module path: plugin-container.exe2
    Report Id: plugin-container.exe3

    Error: (05/25/2015 07:28:08 AM) (Source: VSS) (EventID: 8194) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
    .
    This is often caused by incorrect security settings in either the writer or requestor process.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {c9eeeab8-8152-488c-a5ea-a5b30f371783}

    Error: (05/25/2015 06:39:41 AM) (Source: VSS) (EventID: 8194) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
    .
    This is often caused by incorrect security settings in either the writer or requestor process.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {c5ef87d5-e799-4e65-875b-69ea8aae50c0}

    Error: (05/24/2015 00:34:25 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.


    System errors:
    =============
    Error: (05/26/2015 07:28:31 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
    %%5

    Error: (05/26/2015 07:28:26 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: The ScRegSetValueExW call failed for Start with the following error:
    %%5

    Error: (05/26/2015 05:37:17 AM) (Source: volsnap) (EventID: 36) (User: )
    Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

    Error: (05/25/2015 09:25:38 PM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \...\DR5.

    Error: (05/25/2015 08:12:53 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
    %%5

    Error: (05/25/2015 08:12:47 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: The ScRegSetValueExW call failed for Start with the following error:
    %%5

    Error: (05/25/2015 10:17:09 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.199.619.0

    Update Source: %NT AUTHORITY51

    Update Stage: 4.8.0204.00

    Source Path: 4.8.0204.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

    Error: (05/25/2015 10:17:09 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.199.619.0

    Update Source: %NT AUTHORITY51

    Update Stage: 4.8.0204.00

    Source Path: 4.8.0204.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

    Error: (05/25/2015 10:16:51 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version: 1.199.653.0

    Previous Signature Version: 1.199.619.0

    Update Source: %NT AUTHORITY15

    Update Stage: 4.8.0204.00

    Source Path: 4.8.0204.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

    Error: (05/25/2015 10:16:51 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version: 1.199.653.0

    Previous Signature Version: 1.199.619.0

    Update Source: %NT AUTHORITY15

    Update Stage: 4.8.0204.00

    Source Path: 4.8.0204.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608


    Microsoft Office:
    =========================
    Error: (03/03/2015 07:22:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
    Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6715.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2373 seconds with 1620 seconds of active time. This session ended with a crash.


    ==================== Memory info ===========================

    Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4600+
    Percentage of memory in use: 40%
    Total physical RAM: 3199.49 MB
    Available physical RAM: 1895.57 MB
    Total Pagefile: 6397.3 MB
    Available Pagefile: 4638.6 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1891.01 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:228.13 GB) (Free:50.53 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
    Drive d: (DATA) (Fixed) (Total:227.87 GB) (Free:67.63 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 71F756A1)
    Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27)
    Partition 2: (Active) - (Size=228.1 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=227.9 GB) - (Type=07 NTFS)

    ==================== End of log ============================


    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-05-2015
    Ran by Brodies at 2015-05-26 19:52:08
    Running from C:\Users\Brodies\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-633753297-1222489795-330927598-500 - Administrator - Disabled)
    Brodies (S-1-5-21-633753297-1222489795-330927598-1000 - Administrator - Enabled) => C:\Users\Brodies
    Guest (S-1-5-21-633753297-1222489795-330927598-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-633753297-1222489795-330927598-1002 - Limited - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
    AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated)
    Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
    Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.11) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
    AMD Catalyst Install Manager (HKLM\...\{A2EAE643-8804-9420-5DBE-2752D6957964}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
    Apple Application Support (32-bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
    Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Ashampoo Burning Studio 10 v.10.0.15 (HKLM\...\Ashampoo Burning Studio 10_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG)
    Ashampoo HDD Control 2 v.2.1.0 (HKLM\...\{4209F371-A431-385E-2D7E-ACDA5DA3BA0B}_is1) (Version: 2.1.0 - Ashampoo GmbH & Co. KG)
    Ashampoo Internet Accelerator 3 v.3.20 (HKLM\...\Ashampoo Internet Accelerator 3_is1) (Version: 3.1.1 - Ashampoo GmbH & Co. KG)
    Ashampoo WinOptimizer 8 v.8.10 (HKLM\...\Ashampoo WinOptimizer 8_is1) (Version: 8.1.0 - Ashampoo GmbH & Co. KG)
    ATI AVIVO Codecs (Version: 11.6.0.10112 - ATI Technologies Inc.) Hidden
    Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
    Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 3.20 - Piriform)
    CPUID CPU-Z 1.58 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
    CPUID HWMonitor 1.18 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
    D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
    Dolby Axon - 1.5.1.1 (HKLM\...\{17936630-5344-4F18-9970-616129E2A114}_is1) (Version: 1.5.1.1 - Dolby Laboratories)
    DWG TrueView 2010 (HKLM\...\DWG TrueView 2010) (Version: 18.0.55.0 - Autodesk)
    DWG TrueView 2010 (Version: 18.0.55.0 - Autodesk) Hidden
    ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
    Evernote v. 4.6.3 (HKLM\...\{4C8BBCC8-8363-11E2-A3F4-984BE15F174E}) (Version: 4.6.3.8096 - Evernote Corp.)
    Foxit Reader 5.1 (HKLM\...\Foxit Reader_is1) (Version: 5.1.4.104 - Foxit Corporation)
    Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
    Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Earth Pro (HKLM\...\{9578C0CD-8108-4379-9026-4601F59859A0}) (Version: 4.2.180.1134 - Google)
    Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
    HP Photo Creations (HKU\S-1-5-21-633753297-1222489795-330927598-1000\...\HP Photo Creations) (Version: 1.0.0.17712 - HP)
    HydraVision (Version: 4.2.184.0 - ATI Technologies Inc.) Hidden
    iCloud (HKLM\...\{760BB327-3973-4608-85C8-88162E2FF3B6}) (Version: 4.0.6.28 - Apple Inc.)
    iTunes (HKLM\...\{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}) (Version: 12.1.2.27 - Apple Inc.)
    Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
    Junk Mail filter update (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    League of Legends (HKLM\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
    League of Legends (Version: 1.3 - Riot Games) Hidden
    Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 1.1.500.0 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
    Microsoft SkyDrive (HKU\S-1-5-21-633753297-1222489795-330927598-1000\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
    MotoHelper MergeModules (Version: 1.0.0 - Motorola) Hidden
    MotoHelper MergeModules (Version: 1.2.0 - Motorola) Hidden
    Movie Maker (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
    Mozilla Firefox 38.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
    MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)
    NTI Backup Now 5 (HKLM\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.628 - NewTech Infosystems)
    NTI Backup Now Standard (Version: 5.1.2.628 - NewTech Infosystems) Hidden
    NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
    NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
    NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
    QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    Rust (HKLM\...\Steam App 252490) (Version: - Facepunch Studios)
    SeaTools for Windows (HKLM\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.5 - Seagate Technology)
    Secunia PSI (2.0.0.3003) (HKLM\...\Secunia PSI) (Version: - )
    Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
    Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
    SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 4.50.1002 - SUPERAntiSpyware.com)
    SurfingTunnel 1.7 (HKLM\...\SurfingTunnel_is1) (Version: - ZqWare)
    Telstra Broadband Assistant (HKLM\...\Telstra-Telstra Broadband Assistant) (Version: 1.0.2.45 - Telstra Corporation Ltd.)
    Telstra Mobile Broadband Manager (HKLM\...\Telstra Mobile Broadband Manager) (Version: 3.0.514 - Telstra)
    Telstra Mobile Broadband Manager (Version: 3.0.514 - Telstra) Hidden
    Unity Web Player (HKU\S-1-5-21-633753297-1222489795-330927598-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
    Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    VBA (2627.01) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
    Ventrilo Client (HKLM\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.8 - Flagship Industries, Inc.)
    VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN)
    Vuze Leap 1.3 (HKU\S-1-5-21-633753297-1222489795-330927598-1000\...\{a9a27088-7578-499d-ad2b-67ba95a4def4}) (Version: 1.3 - Azureus Software, Inc.)
    Who Is On My Wifi version 3.0.2 (HKLM\...\{010D45A1-093D-4534-8147-4E10E80F81CC}_is1) (Version: 3.0.2 - IO3O LLC)
    Windows Driver Package - Cmotech (cmusbnet) Net (06/11/2007 2.0.0.9) (HKLM\...\E7E257830CD4614E7CF1B3792DF19B85FE5E7BE7) (Version: 06/11/2007 2.0.0.9 - Cmotech)
    Windows Driver Package - Cmotech Modem (12/13/2006 2.0.3.5) (HKLM\...\5E8F128761A9B07EC2DEC909F167D92DB8B3A348) (Version: 12/13/2006 2.0.3.5 - Cmotech)
    Windows Driver Package - Cmotech Ports (12/13/2006 2.0.3.5) (HKLM\...\6A032F4180B5A0E8F4BC27384D0A423B2595A785) (Version: 12/13/2006 2.0.3.5 - Cmotech)
    Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
    WinPatrol (HKLM\...\{007811BF-E310-4285-BFC6-55DB29B3EDDE}) (Version: 20.0.2011.2 - BillP Studios)
    WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
    World of Warcraft (HKLM\...\World of Warcraft) (Version: - Blizzard Entertainment)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{360a1f34-2491-4ba0-ade3-40640a9d5435}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\DWG TrueView 2010\DWGVIEWRficn.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Brodies\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{591E5416-DDC3-45E6-BE9D-C40D0B418F6E}\localserver32 -> C:\Program Files\DWG TrueView 2010\DWGVIEWR.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Brodies\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{9356e2bb-6c9a-43c0-a771-5cacbdab6afe}\InprocServer32 -> C:\Users\Brodies\AppData\Roaming\HP Photo Creations\RLPNUpload.dll (RocketLife)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Brodies\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{a390b60f-36da-401e-9fb2-3d3c05ced2cf}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Brodies\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Brodies\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{cc05a616-ddb3-4cc0-9a21-dc0e9962b444}\InprocServer32 -> C:\Users\Brodies\AppData\Roaming\HP Photo Creations\ContentMan.dll (RocketLife)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\DWG TrueView 2010\DWGVIEWR.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Brodies\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Brodies\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\FileSyncApi.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-633753297-1222489795-330927598-1000_Classes\CLSID\{ff280b55-14f1-49ae-b40f-15f5294ce630}\InprocServer32 -> C:\Users\Brodies\AppData\Roaming\HP Photo Creations\RocketEngine.dll (Visan inc.)

    ==================== Restore Points =========================


    ==================== Hostscontent: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 12:04 - 2014-03-23 09:38 - 00448635 ___RA C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 www.0scan.com
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 www.1001namen.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 www.100sexlinks.com
    127.0.0.1 100sexlinks.com
    127.0.0.1 10sek.com
    127.0.0.1 www.10sek.com
    127.0.0.1 www.1-2005-search.com
    127.0.0.1 1-2005-search.com
    127.0.0.1 123fporn.info
    127.0.0.1 www.123fporn.info
    127.0.0.1 123haustiereundmehr.com
    127.0.0.1 www.123haustiereundmehr.com

    There are 1000 more lines.


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {16E39261-4266-4519-8496-F1E7106132FC} - System32\Tasks\{42363FB3-454B-450B-BA87-A5E6979973E7} => Firefox.exe http://ui.skype.com/ui/0/6.16.0.105/...LastError=1603
    Task: {1A286FBE-7665-4F97-9900-AE6DC651F34B} - System32\Tasks\{8D2D16F5-41D4-46C0-B1C9-DF9FBF50F5D5} => pcalua.exe -a C:\PROGRA~1\MYASHA~1\UNWISE.EXE -c /U C:\PROGRA~1\MYASHA~1\INSTALL.LOG
    Task: {1FF9E595-57FD-4863-8926-156895480FE9} - System32\Tasks\{883C37CC-FFA0-4699-B3CC-3FDD17D6F49B} => pcalua.exe -a C:\Autodesk\Inventor_2010_SV\x86\Setup.exe -d C:\Autodesk\Inventor_2010_SV\x86
    Task: {2903C4C7-60BD-4FBC-A5E8-E73252E502A3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
    Task: {2A9250B5-B31C-44E0-9049-CCA5DD3DB069} - System32\Tasks\{2C69E705-C214-4CD4-8FD8-46DE7824C337} => C:\Users\Brodies\AppData\Roaming\HP Photo Creations\PhotoProduct.exe [2011-03-12] (Visan / RocketLife)
    Task: {2AF8EAEE-BBCD-46F7-B57C-C2869FA71E49} - System32\Tasks\MyDefrag v4.3.1 Monthly => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticMonthly.MyD [2010-05-22] ()
    Task: {2B9E9047-46BF-4698-AF5B-F7703874F6B5} - System32\Tasks\{B19BE8F7-1E38-4E44-983D-B85BC947897D} => pcalua.exe -a C:\Users\Brodies\Downloads\422814_intl_i386_zip.exe -d C:\Users\Brodies\Downloads
    Task: {33188B7B-978B-440C-8FCE-5C6572B1B9B8} - System32\Tasks\{E69CAB44-9C98-413C-B155-DECB20B316B7} => pcalua.exe -a "C:\Program Files\Common Files\Motorola Shared\Mobile Drivers\Motorola Driver Installer.exe" -d "C:\Program Files\Common Files\Motorola Shared\Mobile Drivers\"
    Task: {40F46AF4-1AAF-4B4B-A088-008B04A487ED} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-08] (Microsoft Corporation)
    Task: {4B36AD8B-41FB-4F16-A9E2-DD04BED15B95} - System32\Tasks\{33D2E56E-DE13-4870-892E-0C341B1F54F8} => pcalua.exe -a E:\DRIVER\Win8_Win7_Vista_32\337.50\Display.Driver\dbInstaller.exe -d E:\DRIVER\Win8_Win7_Vista_32\337.50\Display.Driver
    Task: {50733E4A-719E-49C6-983E-3CC6F40A3C65} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe
    Task: {57296BB8-223D-480B-A6C2-8F0835BD0C7A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-06-23] (Piriform Ltd)
    Task: {62733566-3B85-4543-94D0-BA9523AE4877} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-08] (Microsoft Corporation)
    Task: {6E521797-202B-4B06-963B-1E100365763E} - System32\Tasks\MyDefrag v4.3.1 Daily => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticDaily.MyD [2010-05-22] ()
    Task: {703691DE-598E-42EB-92EB-C53CDFF0BCE9} - System32\Tasks\{64926BED-6DD5-443B-86D9-EA177F5CE9A5} => pcalua.exe -a "C:\Program Files\Toolbar Uninstaller\tbu.exe" -d "C:\Program Files\Toolbar Uninstaller"
    Task: {737EF11D-7C78-4E1F-8803-F261D0219AC8} - System32\Tasks\{74AA8389-139F-46AE-9D65-F3FD5CE40B55} => Firefox.exe http://ui.skype.com/ui/0/6.5.59.158/...=tsProgressBar
    Task: {AE34B5A7-8F20-40D9-9243-B9881FC7CA56} - System32\Tasks\{45CFE472-A409-4CD7-9B68-4C34EC37B18B} => Firefox.exe http://ui.skype.com/ui/0/6.11.0.102/...=tsProgressBar
    Task: {B9C535B0-76C2-4D7B-A02A-440CE4510168} - System32\Tasks\{B2CA0C4B-0652-4723-9088-EE98ED199C1A} => pcalua.exe -a C:\PROGRA~1\MYASHA~1\UNWISE.EXE -c /U C:\PROGRA~1\MYASHA~1\INSTALL.LOG
    Task: {CFB49406-A6A8-4F25-9CB6-C4712075204A} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe
    Task: {D17FEF1F-CBF5-43EE-A576-A84FF8A5B748} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-02] (Apple Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


    ==================== Loaded Modules (Whitelisted) ==============

    2014-12-05 19:49 - 2014-07-03 05:42 - 00107992 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
    2013-04-27 09:18 - 2012-07-30 09:48 - 01518504 _____ () C:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
    2011-05-16 13:46 - 2010-03-30 06:02 - 00520234 ____N () C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
    2013-11-08 09:58 - 2013-11-08 09:58 - 00244736 _____ () C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\node_modules\motive-activex-wrapper\build\Release\NodeActiveXWrapper.node
    2013-11-08 09:58 - 2013-11-08 09:58 - 00271360 _____ () C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\node_modules\motive-osbridge\build\Release\MotiveOSBridgeNodeModule.node
    2013-11-08 09:57 - 2013-11-08 09:57 - 00237056 _____ () C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\node_modules\motive-xmpps\build\Release\MotiveXMPPSNode.node
    2013-04-24 23:55 - 2013-04-24 23:55 - 01581056 _____ () C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\node_modules\libxmljs\build\Release\xmljs.node
    2013-04-19 08:55 - 2013-04-19 08:55 - 00068608 _____ () C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\node_modules\dnode\node_modules\weak\build\Release\weakref.node
    2015-03-20 18:12 - 2015-03-20 18:12 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-03-20 18:12 - 2015-03-20 18:12 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
    IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
    IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
    IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

    There are 11890 more restricted sites.

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-633753297-1222489795-330927598-1000\Control Panel\Desktop\\Wallpaper ->
    DNS Servers: 208.67.222.222 - 208.67.220.220

    ==================== MSCONFIG/TASK MANAGER Error getting ==

    (Currently there is no automatic fix for this section.)

    MSCONFIG\Services: Apple Mobile Device => 2
    MSCONFIG\Services: Bonjour Service => 2
    MSCONFIG\Services: bthserv => 3
    MSCONFIG\Services: YahooAUService => 2
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^Users^Brodies^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup
    MSCONFIG\startupfolder: C:^Users^Brodies^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FrostWire On Startup.lnk => C:\Windows\pss\FrostWire On Startup.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^Brodies^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
    MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    MSCONFIG\startupreg: Ashampoo HDD-Control 2 Guard => "C:\Program Files\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe"
    MSCONFIG\startupreg: BigPondWirelessBroadbandCM => "C:\Program Files\Telstra\Mobile Broadband Manager\TelstraUCM.exe" -tsr
    MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
    MSCONFIG\startupreg: EADM => "C:\Program Files\Origin\Origin.exe" -AutoStart
    MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: Malwarebytes Anti-Malware (reboot) => "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    MSCONFIG\startupreg: NvBackend => "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: SDTray => "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
    MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    MSCONFIG\startupreg: Telstra_McciTrayApp => "C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\bin\pcTrayApp.exe"
    MSCONFIG\startupreg: uTorrent => "C:\Users\Brodies\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
    MSCONFIG\startupreg: Vuze Leap => "C:\Users\Brodies\AppData\Roaming\Vuze Leap\VuzeLeap.exe" /autorun

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{7EE9ADD4-8504-4672-8938-3351957A14C5}] => (Allow) LPort=8381
    FirewallRules: [{B1164E03-6291-40CB-858A-D1F170C878C9}] => (Allow) LPort=8381
    FirewallRules: [TCP Query User{4FCCE215-AC5C-41A2-B5D4-AB93515CC17B}C:\riot games\league of legends\lol.launcher.exe] => (Allow) C:\riot games\league of legends\lol.launcher.exe
    FirewallRules: [UDP Query User{7F09AF5D-FE1F-4C78-B110-9EB3248D3FE8}C:\riot games\league of legends\lol.launcher.exe] => (Allow) C:\riot games\league of legends\lol.launcher.exe
    FirewallRules: [TCP Query User{0317E721-F415-4243-9D54-E9082A49C2FA}C:\riot games\league of legends\lol.launcher.exe] => (Allow) C:\riot games\league of legends\lol.launcher.exe
    FirewallRules: [UDP Query User{8DCF20BE-51BA-45BC-AEE2-2491005CFAF0}C:\riot games\league of legends\lol.launcher.exe] => (Allow) C:\riot games\league of legends\lol.launcher.exe
    FirewallRules: [{0D403C2B-8AD7-4C75-9EF1-CF2ABE02C335}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
    FirewallRules: [{9B428393-DA7B-4245-B93D-0A644020E6D2}] => (Allow) C:\Program Files\Ventrilo\Ventrilo.exe
    FirewallRules: [{B4C30EE1-14A3-4C9D-9616-263BB111D70A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{A4802FAD-7A5B-455C-986E-F786BE9DAEE4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [TCP Query User{7D57A7A6-6567-48CE-91F3-5C2F55598C63}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
    FirewallRules: [UDP Query User{E4332851-7AB2-4985-9062-A88B8C3421E4}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
    FirewallRules: [{0145FEE5-451D-4654-943F-4750FFEF21BE}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    FirewallRules: [{D6778384-50E3-4F51-9173-B87BD12F7FD8}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
    FirewallRules: [{B82FD944-EC03-4FC8-A098-276A8105446C}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    FirewallRules: [{17C22135-505C-40FF-9D4A-11B09C255D2A}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
    FirewallRules: [{3F361B6C-D19C-4063-9D47-E7749EB8F728}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
    FirewallRules: [TCP Query User{A58A28B1-AEB4-474E-A4DF-46AB057FB93C}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
    FirewallRules: [UDP Query User{3DB0B9B4-07C1-4370-A661-736451911A51}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
    FirewallRules: [TCP Query User{97A8E907-CB87-429E-815C-464AFA95E5D3}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
    FirewallRules: [UDP Query User{E0F6A2F1-12F4-40AA-A561-0B53E2093032}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
    FirewallRules: [TCP Query User{D5B9D8CF-A837-41F1-B5F3-44F3C60968D1}C:\program files\utorrent\utorrent.exe] => (Allow) C:\program files\utorrent\utorrent.exe
    FirewallRules: [UDP Query User{836B6F13-C973-4041-8425-E2C41440E867}C:\program files\utorrent\utorrent.exe] => (Allow) C:\program files\utorrent\utorrent.exe
    FirewallRules: [{2DFD1B4F-2667-4C86-BAD6-0877423B7F1A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{30DAC94B-C4F6-4EC7-A227-C9D8F78D0F3F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [TCP Query User{5F42C635-3274-4C1C-8FF7-846B96D5D489}J:\world of warcraft\backgrounddownloader.exe] => (Allow) J:\world of warcraft\backgrounddownloader.exe
    FirewallRules: [UDP Query User{2123B68A-E441-4275-801E-ED73241421CE}J:\world of warcraft\backgrounddownloader.exe] => (Allow) J:\world of warcraft\backgrounddownloader.exe
    FirewallRules: [TCP Query User{D65EBD7D-C4BC-46AF-9EC0-D90847D296EE}J:\world of warcraft\launcher.patch.exe] => (Allow) J:\world of warcraft\launcher.patch.exe
    FirewallRules: [UDP Query User{B5E51248-4A36-424C-856F-6DDCBC77BC52}J:\world of warcraft\launcher.patch.exe] => (Allow) J:\world of warcraft\launcher.patch.exe
    FirewallRules: [TCP Query User{CBB01BA4-A2A2-4CA3-9BE6-1BA6F345BE71}J:\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe] => (Allow) J:\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe
    FirewallRules: [UDP Query User{94AF6089-59D0-4C21-9370-91A6FF64BD54}J:\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe] => (Allow) J:\world of warcraft\temp\wow-4.2.1.2756-enus-tools-downloader.exe
    FirewallRules: [TCP Query User{31CB3E51-333B-4AD0-B749-622F03834CCD}J:\world of warcraft\launcher.exe] => (Allow) J:\world of warcraft\launcher.exe
    FirewallRules: [UDP Query User{B9EC29B5-2AFF-44B9-8238-68295FF76235}J:\world of warcraft\launcher.exe] => (Allow) J:\world of warcraft\launcher.exe
    FirewallRules: [TCP Query User{FB4FD907-EABD-4738-8E8E-078EBE6E90E2}J:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe] => (Allow) J:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe
    FirewallRules: [UDP Query User{8123E07E-2421-421D-9453-F85FABC156AE}J:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe] => (Allow) J:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe
    FirewallRules: [TCP Query User{1187A546-65E2-48F9-96D5-DF6068F27FC1}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [UDP Query User{47B6704E-40A7-41A1-80FF-1AD935A1FF3B}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [TCP Query User{D02EB969-483E-40F5-BBE9-F3E9A8C1256B}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [UDP Query User{2CB51908-0040-4698-9E02-EA94F190D66A}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
    FirewallRules: [{2E10F8C7-F5E7-4457-9368-36EA3FCFB6AB}] => (Allow) C:\Program Files\DolbyAxon\Axon.exe
    FirewallRules: [{955CDD07-A6E1-43A2-AB6E-C2D83C7469BB}] => (Allow) C:\Program Files\DolbyAxon\Axon.exe
    FirewallRules: [{84A7DFB9-7E54-46A2-9A58-929924F541D3}] => (Allow) C:\Program Files\Vuze\Azureus.exe
    FirewallRules: [{472DC950-5702-4801-AC6A-C0CA16A7FDEC}] => (Allow) C:\Program Files\Vuze\Azureus.exe
    FirewallRules: [TCP Query User{3093A522-034A-4A0E-998C-41062ECACFC9}F:\world of warcraft\launcher.exe] => (Allow) F:\world of warcraft\launcher.exe
    FirewallRules: [UDP Query User{61524443-82DE-4222-A7AF-F34E3C5EFC13}F:\world of warcraft\launcher.exe] => (Allow) F:\world of warcraft\launcher.exe
    FirewallRules: [{569AB365-D1E3-4E8A-B2D7-1F5976D26CA8}] => (Allow) C:\Users\Brodies\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    FirewallRules: [{96D0F740-7BBC-4D90-80BB-23079B4342C2}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    FirewallRules: [{106A38FD-F7B0-467C-BC23-244D5A63AE27}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{3AE00613-3C2C-45F2-91BC-BF91EC98B434}] => (Allow) LPort=2869
    FirewallRules: [{BA6E7053-A500-46FA-BD05-3E7536247C67}] => (Allow) LPort=1900
    FirewallRules: [{2B1B1E4A-E349-4A92-8345-6ED4FD532A0F}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    FirewallRules: [{7DEE3A26-93CD-4F7A-B628-4B7FBD4EE285}] => (Allow) C:\Program Files\Steam\Steam.exe
    FirewallRules: [{D1220D16-208F-4BCE-A5C8-3505D60CDC35}] => (Allow) C:\Program Files\Steam\Steam.exe
    FirewallRules: [{80402C68-F2AB-4A04-87E8-967F1FFA6DDD}] => (Allow) C:\Program Files\Steam\SteamApps\common\rust\rust.exe
    FirewallRules: [{1C2B2C15-B5DE-4304-8FB3-23C74A08F3B7}] => (Allow) C:\Program Files\Steam\SteamApps\common\rust\rust.exe
    FirewallRules: [TCP Query User{0B319B6B-ECC5-4662-BA58-AACB70D0BA30}C:\program files\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files\spybot - search & destroy 2\sdupdate.exe
    FirewallRules: [UDP Query User{6044248B-A388-43DA-B1A5-1A99BB12B3DC}C:\program files\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files\spybot - search & destroy 2\sdupdate.exe
    FirewallRules: [{C7E6AA3B-DC8A-44EE-AF4F-A602BE3A0656}] => (Allow) C:\Users\Brodies\AppData\Steam\Steam.exe
    FirewallRules: [{1C8B5013-DFDC-4BDB-AFB8-F2819DD7173C}] => (Allow) C:\Users\Brodies\AppData\Steam\Steam.exe
    FirewallRules: [{DC465CE2-4931-40C5-AB57-2314A09674BD}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
    FirewallRules: [{427E9046-BD2C-49AE-9C3F-82C31646A80B}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
    FirewallRules: [{F356F55D-7231-431C-91D9-16064C835C67}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
    FirewallRules: [{B1D6FDCC-00A0-4998-8638-4EA7CC50B5D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
    FirewallRules: [{618A259A-989F-43DD-922D-65702824E112}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
    FirewallRules: [{E66D51C6-C626-426F-BC98-126DCCBC773C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
    FirewallRules: [{F2A0EA63-63FC-4C7C-BF83-87FAB188FBB4}] => (Allow) C:\Program Files\Vuze\Azureus.exe
    FirewallRules: [{65233235-AB96-4318-8C17-79724BE8826A}] => (Allow) C:\Program Files\Vuze\Azureus.exe
    FirewallRules: [{6E367D90-CC63-4119-BE4C-B5FD790173E0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [{14BC635A-14C1-43DC-9DA9-5C51005597FB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
    FirewallRules: [TCP Query User{BEEB5419-F457-45A0-A5CA-660CB77EE9E7}C:\programdata\battle.net\agent\agent.3688\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3688\agent.exe
    FirewallRules: [UDP Query User{3A1D0F6E-C647-4783-BE9A-F1AA0E972DD6}C:\programdata\battle.net\agent\agent.3688\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3688\agent.exe
    FirewallRules: [TCP Query User{D3D8828E-DF9F-4E6B-9F6D-FA2E89421C34}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe
    FirewallRules: [UDP Query User{DD1B6D46-A141-484C-B0E4-3184EC21BDFD}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe
    FirewallRules: [TCP Query User{46F91B9E-5CD6-4689-A9B1-C26E188A4BA0}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_31\bin\javaw.exe
    FirewallRules: [UDP Query User{844E06F2-58DD-4B41-B880-30EBD93D7592}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_31\bin\javaw.exe
    FirewallRules: [{53DA87BC-7DEB-4419-84EC-6D7E49E9FBDB}] => (Allow) C:\Users\Brodies\AppData\Roaming\Vuze Leap\VuzeLeap.exe
    FirewallRules: [{D61E99DD-742B-4545-A15B-AEA0E968B72D}] => (Allow) C:\Users\Brodies\AppData\Roaming\Vuze Leap\VuzeLeap.exe
    FirewallRules: [TCP Query User{127E98E4-AD5C-4D39-8A19-A44ABA3F6721}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
    FirewallRules: [UDP Query User{5D0EC4FD-51E5-4D06-870F-13061FB8742E}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
    FirewallRules: [TCP Query User{D04635AC-9C4E-4140-88E2-46FEFB46FD92}C:\users\brodies\appdata\roaming\vuze leap\vuzeleap.exe] => (Block) C:\users\brodies\appdata\roaming\vuze leap\vuzeleap.exe
    FirewallRules: [UDP Query User{6667131C-0895-4857-94F8-E80A51AA36D2}C:\users\brodies\appdata\roaming\vuze leap\vuzeleap.exe] => (Block) C:\users\brodies\appdata\roaming\vuze leap\vuzeleap.exe
    FirewallRules: [TCP Query User{00213C7E-BE6E-41D8-8186-118194186A40}C:\programdata\battle.net\agent\agent.3715\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3715\agent.exe
    FirewallRules: [UDP Query User{CCFDC850-C822-4C94-BA9E-FFF7D027DB71}C:\programdata\battle.net\agent\agent.3715\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3715\agent.exe
    FirewallRules: [{2CF45270-7891-47F6-8A7C-96E9EEE03B6F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{847B1455-CBC6-43B3-B7CE-76C832FB2E88}] => (Allow) C:\Users\Brodies\AppData\Local\Apps\2.0\7L9DDJAV.9XD\81CVGKLQ.GMK\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
    FirewallRules: [{E39DCBDE-1EB5-4062-9259-67478A94A7E9}] => (Allow) C:\Users\Brodies\AppData\Local\Apps\2.0\7L9DDJAV.9XD\81CVGKLQ.GMK\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
    FirewallRules: [{6F5E1DE9-D009-4C31-ADD8-D149E9A5E0A2}] => (Allow) C:\Program Files\ASUS\Wireless Router\Firmware Restoration\Rescue.exe
    FirewallRules: [{CB3005B3-31CD-4D83-99AB-FE49D3DA538D}] => (Allow) C:\Program Files\ASUS\Wireless Router\Firmware Restoration\Rescue.exe
    FirewallRules: [{FF02CD08-FE9E-44AC-B173-70BB3B543C67}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

    ==================== Faulty Device Manager Devices =============

    Name: PS/2 Compatible Mouse
    Description: PS/2 Compatible Mouse
    Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: i8042prt
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (05/26/2015 02:10:26 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (05/26/2015 02:10:25 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (05/26/2015 02:10:25 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (05/26/2015 02:09:48 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (05/26/2015 02:09:45 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (05/26/2015 02:09:40 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (05/25/2015 08:54:57 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: plugin-container.exe, version: 38.0.1.5611, time stamp: 0x55541a90
    Faulting module name: mozalloc.dll, version: 38.0.1.5611, time stamp: 0x55540a1e
    Exception code: 0x80000003
    Fault offset: 0x00001aa1
    Faulting process id: 0x1468
    Faulting application start time: 0xplugin-container.exe0
    Faulting application path: plugin-container.exe1
    Faulting module path: plugin-container.exe2
    Report Id: plugin-container.exe3

    Error: (05/25/2015 07:28:08 AM) (Source: VSS) (EventID: 8194) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
    .
    This is often caused by incorrect security settings in either the writer or requestor process.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {c9eeeab8-8152-488c-a5ea-a5b30f371783}

    Error: (05/25/2015 06:39:41 AM) (Source: VSS) (EventID: 8194) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
    .
    This is often caused by incorrect security settings in either the writer or requestor process.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {c5ef87d5-e799-4e65-875b-69ea8aae50c0}

    Error: (05/24/2015 00:34:25 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.


    System errors:
    =============
    Error: (05/26/2015 07:28:31 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
    %%5

    Error: (05/26/2015 07:28:26 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: The ScRegSetValueExW call failed for Start with the following error:
    %%5

    Error: (05/26/2015 05:37:17 AM) (Source: volsnap) (EventID: 36) (User: )
    Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

    Error: (05/25/2015 09:25:38 PM) (Source: Disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \...\DR5.

    Error: (05/25/2015 08:12:53 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
    %%5

    Error: (05/25/2015 08:12:47 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: The ScRegSetValueExW call failed for Start with the following error:
    %%5

    Error: (05/25/2015 10:17:09 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.199.619.0

    Update Source: %NT AUTHORITY51

    Update Stage: 4.8.0204.00

    Source Path: 4.8.0204.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

    Error: (05/25/2015 10:17:09 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.199.619.0

    Update Source: %NT AUTHORITY51

    Update Stage: 4.8.0204.00

    Source Path: 4.8.0204.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

    Error: (05/25/2015 10:16:51 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version: 1.199.653.0

    Previous Signature Version: 1.199.619.0

    Update Source: %NT AUTHORITY15

    Update Stage: 4.8.0204.00

    Source Path: 4.8.0204.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

    Error: (05/25/2015 10:16:51 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version: 1.199.653.0

    Previous Signature Version: 1.199.619.0

    Update Source: %NT AUTHORITY15

    Update Stage: 4.8.0204.00

    Source Path: 4.8.0204.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608


    Microsoft Office:
    =========================
    Error: (03/03/2015 07:22:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
    Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6715.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2373 seconds with 1620 seconds of active time. This session ended with a crash.


    ==================== Memory info ===========================

    Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4600+
    Percentage of memory in use: 40%
    Total physical RAM: 3199.49 MB
    Available physical RAM: 1895.57 MB
    Total Pagefile: 6397.3 MB
    Available Pagefile: 4638.6 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1891.01 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:228.13 GB) (Free:50.53 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
    Drive d: (DATA) (Fixed) (Total:227.87 GB) (Free:67.63 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 71F756A1)
    Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27)
    Partition 2: (Active) - (Size=228.1 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=227.9 GB) - (Type=07 NTFS)

    ==================== End of log ============================

  10. #10
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,175
    Points
    1308

    Default

    Hello,
    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-05-2015
    Ran by Brodies at 2015-05-26 19:52:08
    Running from C:\Users\Brodies\Desktop
    Boot Mode: Normal
    You posted additions.txt twice.

    Look on the desktop for FRST.txt having the same date as the additions.txt and post that one, the additions log looks ok so far....

    Thanks
    Joe

Page 1 of 2 12 LastLast