Uvideo virus prompting install of uplayer at startup

uvideovirus
New Member


Date Joined Mar 2014
Total Posts : 5
 
Posted 3/2/2014 10:18 AM (GMT +3)
Hi there. I was getting a prompt every time at startup that told me to download this uplayer program and also to run some defaultpage.exe command. Interestingly, after I ran a Malwarebytes scan and restarted my computer, the problem no longer occurred. But just to make sure, I decided to make a post anyway. Here are my logs. Also, for some reason the HijackThis tool just gave me an empty file. Not sure if I did something wrong or what, but if it's absolutely necessary to solve my problem, please suggest something that I could do. Thanks so much in advance.



Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.03.02.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19499
Seward :: SEWARD-PC [administrator]

3/1/2014 7:06:58 PM
mbam-log-2014-03-01 (19-06-58).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 419581
Time elapsed: 3 hour(s), 35 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|autoauto (Trojan.Agent.BT) -> Data: c.bat -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 8
C:\a\uplayermediaplayer-setup.exe (PUP.Optional.FullSpectrumAdmin) -> Quarantined and deleted successfully.
C:\Program Files\ICCup\Launcher\iccwc3.icc (PUP.GameTool) -> Quarantined and deleted successfully.
C:\Users\Seward\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000000 (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.
C:\Users\Seward\Downloads\DTLite4454-0315.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Seward\Downloads\Super.CH01.TVBN.rmvb.exe (PUP.Optional.Installex) -> Quarantined and deleted successfully.
C:\Users\Seward\Downloads\HDvideo-v4.exe (PUP.Optional.FullSpectrumAdmin) -> Quarantined and deleted successfully.
C:\Users\Seward\Downloads\starcraft\SETUP.EXE (Hacktool.Crk) -> Quarantined and deleted successfully.
C:\Windows\System32\c.bat (Trojan.Agent.BT) -> Quarantined and deleted successfully.

(end)

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.19499 BrowserJavaVersion: 10.51.2
Run by Seward at 23:01:44 on 2014-03-01
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3062.1046 [GMT -8:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Windows\system32\msiexec.exe
C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\msmdsrv.exe
C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdhost.exe
c:\Program Files\Microsoft SQL Server\100\COM\distrib.exe
c:\Program Files\Microsoft SQL Server\100\COM\distrib.exe
c:\Program Files\Microsoft SQL Server\100\COM\distrib.exe
c:\Program Files\Microsoft SQL Server\100\COM\logread.exe
c:\Program Files\Microsoft SQL Server\100\COM\logread.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\C2MP\UpdateChecker.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Users\Seward\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Seward\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Seward\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Seward\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Seward\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Seward\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Seward\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Seward\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: HP Print Clips: {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\program files\hp\smart web printing\hpswp_framework.dll
uRun: [Google Update] "c:\users\seward\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Facebook Update] "c:\users\seward\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [OnScreenDisplay] c:\program files\hewlett-packard\hp quicktouch\HPKBDAPP.exe
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [WAWifiMessage] c:\program files\hewlett-packard\hp wireless assistant\WiFiMsg.exe
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\2.0"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
dRun: [VistaBatterySaver] c:\program files\sharpsoft\vista battery saver\VistaBatterySaver.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\codecp~1.lnk - c:\windows\system32\c2mp\UpdateChecker.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E70E3E64-2793-4AEF-8CC8-F1606BE563B0} - hxxp://www.worldwinner.com/games/v53/wwspades/wwspades.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{42F48A52-723F-400C-ADC5-27B3FACC4B03} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{7DD10482-45EB-4D87-BE4C-FBACFA939231} : DHCPNameServer = 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-3-16 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-11-12 255968]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-4-4 297168]
R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-5-12 611664]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2012-1-31 7391072]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2013-6-28 14624]
R2 MsDtsServer100;SQL Server Integration Services 10.0;c:\program files\microsoft sql server\100\dts\binn\MsDtsSrvr.exe [2011-4-24 214880]
R2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\microsoft sql server\msrs10_50.mssqlserver\reporting services\reportserver\bin\ReportingServicesService.exe [2011-4-24 1177952]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2013-10-9 3275136]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-5-27 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 28624]
R3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);c:\program files\microsoft sql server\mssql10_50.mssqlserver\mssql\binn\fdlauncher.exe [2010-4-3 28512]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-9-5 171680]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-6-23 83864]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-6-23 181784]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-9-11 770168]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2010-4-3 44896]
S4 RsFx0150;RsFx0150 Driver;c:\windows\system32\drivers\RsFx0150.sys [2010-4-3 240608]
.
=============== Created Last 30 ================
.
2014-03-02 03:06:11 -------- d-----w- c:\users\seward\appdata\roaming\Malwarebytes
2014-03-02 03:05:55 -------- d-----w- c:\programdata\Malwarebytes
2014-03-02 03:05:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-03-02 03:05:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-02-28 04:12:31 -------- d-----w- c:\users\seward\appdata\roaming\Intuit
2014-02-28 04:09:04 -------- d-----w- c:\program files\common files\Intuit
2014-02-28 04:08:43 -------- d-----w- c:\program files\TurboTax
2014-02-28 04:07:06 -------- d-----w- c:\programdata\Intuit
2014-02-26 11:03:18 -------- d-----w- c:\windows\Migration
2014-02-09 20:00:16 -------- d-----w- C:\a
.
==================== Find3M ====================
.
2014-02-22 03:32:33 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-22 03:32:33 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-02-02 20:10:57 916992 ----a-w- c:\windows\system32\wininet.dll
2014-02-02 20:10:34 43520 ----a-w- c:\windows\system32\licmgr10.dll
2014-02-02 20:10:31 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2014-02-02 20:10:29 71680 ----a-w- c:\windows\system32\iesetup.dll
2014-02-02 20:10:29 109056 ----a-w- c:\windows\system32\iesysprep.dll
2014-02-02 20:10:22 18944 ----a-w- c:\windows\system32\corpol.dll
2014-02-01 22:54:13 385024 ----a-w- c:\windows\system32\html.iec
2014-02-01 22:47:08 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2014-02-01 22:46:54 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2013-12-22 15:42:15 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-12-19 05:10:01 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-12-05 02:12:37 1248768 ----a-w- c:\windows\system32\msxml3.dll
.
============= FINISH: 23:04:23.70 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 7/2/2008 3:44:33 PM
System Uptime: 3/1/2014 10:53:13 PM (1 hours ago)
.
Motherboard: Wistron | | 30CD
Processor: Intel(R) Core(TM)2 Duo CPU T5550 @ 1.83GHz | U2E1 | 1833/667mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 221 GiB total, 53.875 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 1.991 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0011
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter
PNP Device ID: ROOT\*6TO4MP\0011
Service: tunnel
.
Class GUID: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Description: AZLTDURB IDE Controller
Device ID: ACPI\PNPA000\4&5D18F2DF&0
Manufacturer: (Standard mass storage controllers)
Name: AZLTDURB IDE Controller
PNP Device ID: ACPI\PNPA000\4&5D18F2DF&0
Service: afucvyr4
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
7-Zip 9.20
Acrobat.com
Activation Assistant for the 2007 Microsoft Office suites
Ad-Aware
Adobe AIR
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader X (10.1.9)
Adobe Shockwave Player
AIM 7
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG 2011
Bonjour
Cards_Calendar_OrderGift_DoMorePlugout
CCleaner
Cisco WebEx Meetings
Citrix Online Launcher
Compatibility Pack for the 2007 Office system
Conexant HD Audio
CyberLink YouCam
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DVD Suite
Facebook Video Calling 2.0.0.447
Fotobounce
GDR 1617 for SQL Server 2008 R2 (KB2494088)
Google Chrome
Google Talk Plugin
Hauppauge MCE XP/Vista Software Encoder (2.0.25149)
HDAUDIO Soft Data Fax Modem with SmartCP
Hewlett-Packard Active Check
Hewlett-Packard Asset Agent for Health Check
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
HP Active Support Library
HP Customer Experience Enhancements
HP Doc Viewer
HP Easy Setup - Frontend
HP Help and Support
HP Photosmart Essential 2.5
HP Quick Launch Buttons 6.30 E1
HP QuickPlay 3.6
HP QuickTouch 1.00 C4
HP Smart Web Printing
HP Total Care Advisor
HP Update
HP User Guides 0090
HP Wireless Assistant
HPNetworkAssistant
HPPhotoSmartDiscLabel_PaperLabel
HPPhotoSmartDiscLabel_PrintOnDisc
HPPhotoSmartDiscLabel_Tattoo
HPPhotoSmartDiscLabelContent1
hpphotosmartdisclabelplugin
HPPhotoSmartPhotobookHolidayPack1
HPPhotoSmartPhotobookModernPack1
HPPhotoSmartPhotobookPlayfulPack1
HPPhotoSmartPhotobookScrapbookPack1
HPPhotoSmartPhotobookWebPack1
ICCup Launcher
Intel(R) Graphics Media Accelerator Driver
Java 7 Update 51
Java Auto Updater
Java(TM) 6 Update 2
Java(TM) 6 Update 29
Java(TM) SE Development Kit 7 Update 1
JavaFX 2.1.1
LabelPrint
Malwarebytes Anti-Malware version 1.75.0.1300
Marvell Miniport Driver
Media Player Codec Pack 4.2.7
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office 2003 Web Components
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Report Viewer Redistributable 2008 (KB971119)
Microsoft Report Viewer Redistributable 2008 SP1
Microsoft Silverlight
Microsoft SQL Server 2008 R2
Microsoft SQL Server 2008 R2 Books Online
Microsoft SQL Server 2008 R2 Native Client
Microsoft SQL Server 2008 R2 Policies
Microsoft SQL Server 2008 R2 RsFx Driver
Microsoft SQL Server 2008 R2 Setup (English)
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Browser
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU
Microsoft SQL Server System CLR Types
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime v1.0 (x86)
Microsoft Sync Services for ADO.NET v2.0 (x86)
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio 2008 Shell (integrated mode) - ENU
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Works
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee autoProducer 6.1
My HP Games
NetWaiting
Notepad++
OGA Notifier 2.0.0048.0
PSSWCORE
Real Alternative 2.0.2
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
Ruby 1.9.3-p448
SAMSUNG USB Driver for Mobile Phones
Secure Download Manager
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Skype Click to Call
Skype™ 6.9
SQL Server 2008 R2 Analysis Services
SQL Server 2008 R2 BI Development Studio
SQL Server 2008 R2 Client Tools
SQL Server 2008 R2 Common Files
SQL Server 2008 R2 Database Engine Services
SQL Server 2008 R2 Database Engine Shared
SQL Server 2008 R2 Full text search
SQL Server 2008 R2 Integration Services
SQL Server 2008 R2 Management Studio
SQL Server 2008 R2 Reporting Services
Sql Server Customer Experience Improvement Program
SSH Secure Shell
Touch Pad Driver
TurboTax 2013
TurboTax 2013 wcaiper
TurboTax 2013 WinPerFedFormset
TurboTax 2013 WinPerReleaseEngine
TurboTax 2013 WinPerTaxSupport
TurboTax 2013 wrapper
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195
VideoToolkit01
VLC media player 1.1.3
WeatherBug Gadget
Windows Media Player Firefox Plugin
WinRAR 4.01 (32-bit)
.
==== End Of File ===========================

uvideovirus
New Member


Date Joined Mar 2014
Total Posts : 5
 
Posted 3/3/2014 4:46 AM (GMT +3)
Any moderators available to take a look at this?

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12979
 
Posted 3/3/2014 6:59 AM (GMT +3)
Hi uvideovirus,

Please download Farbar Recovery Scan Tool and save it to your Desktop.


Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them.
Only one of them will run on your system; that will be the right version.




    Right-click to run as administrator (XP users click Run after receipt of Windows Security Warning - Open File). When the tool opens, click Yes to the disclaimer.
    Press the Scan button.
    It will produce a log called FRST.txt in the same directory the tool is run from.
    Please copy and paste the log back here.
    The first time the tool is run, it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.




Open notepad and copy/paste the text present inside the code box below.
To do this highlight the contents of the box and right click on it. Paste this into the open notepad.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system.

Save notepad as fixlist.txt
NOTE: It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.


Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach it to your reply.

Note: If the tool warns you about an outdated version, please download and run the updated version.


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
Do not PM me with logfiles. They will be deleted. 

 


uvideovirus
New Member


Date Joined Mar 2014
Total Posts : 5
 
Posted 3/3/2014 11:14 AM (GMT +3)
Below are FRST.txt and Addition.txt. I'm honestly not sure what you meant to put in fixlist.txt. Can you be a little more specific? Do I copy-paste FRST and Addition into fixlist.txt?

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-03-2014
Ran by Seward (administrator) on SEWARD-PC on 03-03-2014 00:08:11
Running from C:\Users\Seward\Downloads
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgchsvx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Lavasoft) C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgnsx.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\msmdsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdhost.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\100\COM\distrib.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\100\COM\logread.exe
(Hewlett-Packard) c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
(Intuit Inc.) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgtray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Windows\System32\C2MP\UpdateChecker.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apntex.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
() C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgcsrvx.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\100\COM\distrib.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\100\COM\distrib.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\100\COM\logread.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Google Inc.) C:\Users\Seward\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Seward\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Seward\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Seward\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Seward\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Seward\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Seward\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Seward\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(International Cyber Cup) C:\Program Files\ICCup\Launcher\Launcher.exe
(Google Inc.) C:\Users\Seward\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Seward\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [159744 2007-03-11] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [174616 2007-07-24] (Intel Corporation)
HKLM\...\Run: [OnScreenDisplay] - C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [554320 2007-09-04] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [hpqSRMon] - C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [80896 2008-06-01] (Hewlett-Packard)
HKLM\...\Run: [hpWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [480560 2007-09-13] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [WAWifiMessage] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [311296 2007-01-08] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM\...\Run: [AVG_TRAY] - C:\Program Files\AVG\AVG10\avgtray.exe [2345592 2012-08-01] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [UCam_Menu] - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKU\.DEFAULT\...\Run: [VistaBatterySaver] - C:\Program Files\SharpSoft\Vista Battery Saver\VistaBatterySaver.exe
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\Run: [Google Update] - C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2010-09-04] (Google Inc.)
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\Run: [Facebook Update] - C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-11] (Facebook Inc.)
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: J - J:\LaunchU3.exe -a
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {21a3c60a-dba5-11e2-8e2a-001d726593f6} - F:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {400a7b8e-4d1f-11e3-b195-001d726593f6} - G:\iLinker.exe
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {59bfd62d-e78c-11e1-ba08-001d726593f6} - "L:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {59bfd645-e78c-11e1-ba08-001d726593f6} - "N:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {5dd2a826-c42b-11df-bc41-001d726593f6} - G:\SETUP.EXE
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {6dbb92f1-2f7c-11e1-b4d8-001d726593f6} - "L:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {855eae7b-12c4-11e2-9a36-001d726593f6} - K:\TL_Bootstrap.exe
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {855eaf65-12c4-11e2-9a36-001d726593f6} - K:\TL_Bootstrap.exe
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {a15dc4ed-2e71-11e1-be64-001d726593f6} - K:\TLBootstrap_WPP.exe
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {d0b53275-f595-11e2-bcc5-001d726593f6} - F:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {d3a64da1-1d03-11de-b2aa-001d726593f6} - F:\SETUP.EXE
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {ee406826-8e8f-11dd-8846-001d726593f6} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION!

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {BDC84F4A-C50D-4ABC-98DF-9AFAC4E99DC5} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
SearchScopes: HKLM - {C689ACFE-7C90-430D-A48E-EC886E13220B} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKCU - DefaultScope {BDC84F4A-C50D-4ABC-98DF-9AFAC4E99DC5} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=888596&p={searchTerms}
SearchScopes: HKCU - {0188a726-3ac6-4096-85c4-27ed8b6a048a} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&query={searchTerms}&invocationType=bu10aiminstabie7
SearchScopes: HKCU - {BDC84F4A-C50D-4ABC-98DF-9AFAC4E99DC5} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=888596&p={searchTerms}
SearchScopes: HKCU - {C689ACFE-7C90-430D-A48E-EC886E13220B} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Print Clips - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E70E3E64-2793-4AEF-8CC8-F1606BE563B0} http://www.worldwinner.com/games/v53/wwspades/wwspades.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

Chrome:
=======
CHR HomePage:
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Seward\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Seward\AppData\Local\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Seward\AppData\Local\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Seward\AppData\Local\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (ActiveTouch General Plugin Container) - C:\Users\Seward\AppData\Roaming\Mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U51) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Citrix Online Web Deployment Plugin 1.0.0.104) - C:\Users\Seward\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Seward\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Google Update) - C:\Users\Seward\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
CHR Plugin: (Google Talk Plugin) - C:\Users\Seward\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Seward\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Seward\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Angry Birds) - C:\Users\Seward\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2011-05-11]
CHR Extension: (Adblock Plus) - C:\Users\Seward\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-08-05]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Seward\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2013-08-26]
CHR Extension: (AdBlock) - C:\Users\Seward\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-08-05]
CHR Extension: (InstaTwit) - C:\Users\Seward\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhalcamddihdpdgdjkjbgikgobnbbpif [2013-11-23]
CHR Extension: (The Great Suspender) - C:\Users\Seward\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2013-09-21]
CHR Extension: (Skype Click to Call) - C:\Users\Seward\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-01]
CHR Extension: (Reload All Tabs) - C:\Users\Seward\AppData\Local\Google\Chrome\User Data\Default\Extensions\midkcinmplflbiflboepnahkboeonkam [2013-09-21]
CHR Extension: (Google Wallet) - C:\Users\Seward\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (My Chrome Theme) - C:\Users\Seward\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2013-09-22]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]

========================== Services (Whitelisted) =================

R2 aawservice; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [611664 2008-08-22] (Lavasoft)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [7391072 2012-01-31] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG10\avgwdsvc.exe [269520 2011-02-08] (AVG Technologies CZ, s.r.o.)
S3 Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [110592 2007-03-05] (Hewlett-Packard Development Company, L.P.)
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [65536 2007-09-19] (Hewlett-Packard)
R2 MsDtsServer100; C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [214880 2011-04-24] (Microsoft Corporation)
R3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [28512 2010-04-03] (Microsoft Corporation)
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [42872672 2011-04-24] (Microsoft Corporation)
R2 MSSQLServerOLAPService; C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\msmdsrv.exe [25768800 2010-04-03] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe [3201024 2008-07-29] (Microsoft Corporation)
S3 npggsvc; C:\Windows\system32\GameMon.des [2794234 2009-02-17] (INCA Internet Co., Ltd.)
R2 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [1177952 2011-04-24] (Microsoft Corporation)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
R2 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [367456 2011-04-24] (Microsoft Corporation)
S3 usprserv; C:\Windows\System32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
S2 QPCapSvc; "C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe" [X]
S2 QPSched; "C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe" [X]

==================== Drivers (Whitelisted) ====================

R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys [134480 2011-05-27] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSEH; C:\Windows\System32\DRIVERS\AVGIDSEH.Sys [22992 2011-02-22] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys [24144 2011-02-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSShim; C:\Windows\System32\DRIVERS\AVGIDSShim.Sys [28624 2011-02-10] (AVG Technologies CZ, s.r.o. )
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [255968 2012-11-12] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [34896 2011-03-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [32592 2011-03-16] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [297168 2011-04-04] (AVG Technologies CZ, s.r.o.)
S3 HdAudAddService; C:\Windows\System32\drivers\CHDART.sys [183352 2007-10-01] (Conexant Systems Inc.)
R3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-11] (Hewlett-Packard Development Company, L.P.)
S3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28816 2008-09-26] (Logitech, Inc.)
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
S4 RsFx0150; C:\Windows\System32\DRIVERS\RsFx0150.sys [240608 2010-04-03] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [477240 2012-07-10] (Duplex Secure Ltd.)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [194362 2009-04-08] (Jungo)
S3 apf001; \??\C:\Users\Seward\Desktop\SoftnyxGame\GunboundIS\apf001.sys [X]
U1 eabfiltr;
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 SymIMMP; system32\DRIVERS\SymIM.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
U3 afucvyr4; No ImagePath
U3 mbr; \??\C:\Users\Seward\AppData\Local\Temp\mbr.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-03 00:08 - 2014-03-03 00:08 - 00022766 _____ () C:\Users\Seward\Downloads\FRST.txt
2014-03-03 00:08 - 2014-03-03 00:08 - 00000000 ____D () C:\FRST
2014-03-03 00:07 - 2014-03-03 00:07 - 01145344 _____ (Farbar) C:\Users\Seward\Downloads\FRST.exe
2014-03-02 10:46 - 2014-03-02 11:27 - 00001590 _____ () C:\Windows\setupact.log
2014-03-02 10:46 - 2014-03-02 10:46 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-01 23:32 - 2014-03-01 23:32 - 00000123 _____ () C:\Users\Seward\Desktop\programs new pc.txt
2014-03-01 23:09 - 2014-03-01 23:09 - 00001950 _____ () C:\Users\Seward\Desktop\HiJackThis.lnk
2014-03-01 23:09 - 2014-03-01 23:09 - 00000000 ____D () C:\Users\Seward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-03-01 23:09 - 2014-03-01 23:09 - 00000000 ____D () C:\Program Files\Trend Micro
2014-03-01 23:08 - 2014-03-01 23:08 - 01402880 _____ () C:\Users\Seward\Downloads\HijackThis.msi
2014-03-01 23:05 - 2014-03-01 23:05 - 00007765 _____ () C:\Users\Seward\Desktop\attach.txt
2014-03-01 23:05 - 2014-03-01 23:04 - 00014397 _____ () C:\Users\Seward\Desktop\dds.txt
2014-03-01 23:02 - 2014-03-01 23:02 - 00921000 _____ (Oracle Corporation) C:\Users\Seward\Downloads\chromeinstall-7u51.exe
2014-03-01 23:01 - 2014-03-01 23:01 - 00688992 ____R (Swearware) C:\Users\Seward\Downloads\dds.scr
2014-03-01 22:53 - 2014-03-01 22:53 - 00001966 _____ () C:\Windows\PFRO.log
2014-03-01 19:06 - 2014-03-01 19:06 - 00000000 ____D () C:\Users\Seward\AppData\Roaming\Malwarebytes
2014-03-01 19:05 - 2014-03-01 23:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-01 19:05 - 2014-03-01 19:05 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Seward\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-01 19:05 - 2014-03-01 19:05 - 00000906 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-01 19:05 - 2014-03-01 19:05 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-01 19:05 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-27 20:53 - 2014-02-27 20:53 - 00111360 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-02-27 20:13 - 2014-03-02 22:13 - 00000000 ____D () C:\Users\Seward\Documents\TurboTax
2014-02-27 20:13 - 2014-02-27 20:52 - 00000286 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2014-02-27 20:12 - 2014-02-27 20:12 - 00000000 ____D () C:\Users\Seward\AppData\Roaming\Intuit
2014-02-27 20:10 - 2014-02-27 20:10 - 00001882 _____ () C:\Users\Public\Desktop\TurboTax 2013.lnk
2014-02-27 20:09 - 2014-02-27 20:09 - 00000000 ____D () C:\Program Files\Common Files\Intuit
2014-02-27 20:08 - 2014-02-27 20:08 - 00000000 ____D () C:\Program Files\TurboTax
2014-02-27 20:07 - 2014-02-27 20:09 - 00000000 ____D () C:\ProgramData\Intuit
2014-02-12 22:54 - 2014-02-12 22:54 - 04721920 _____ (Piriform Ltd) C:\Users\Seward\Downloads\ccsetup410.exe
2014-02-12 19:37 - 2014-02-02 12:10 - 11111424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 19:37 - 2014-02-02 12:10 - 06019584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 19:37 - 2014-02-02 12:10 - 02005504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 19:37 - 2014-02-02 12:10 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 19:37 - 2014-02-02 12:10 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 19:37 - 2014-02-02 12:10 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 19:37 - 2014-02-02 12:10 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 19:37 - 2014-02-02 12:10 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-02-12 19:37 - 2014-02-02 12:10 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-02-12 19:37 - 2014-02-02 12:10 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-02-12 19:37 - 2014-02-02 12:10 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-02-12 19:37 - 2014-02-02 12:10 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 19:37 - 2014-02-02 12:10 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-12 19:37 - 2014-02-02 12:10 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-12 19:37 - 2014-02-02 12:10 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 19:37 - 2014-02-02 12:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-12 19:37 - 2014-02-02 12:10 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 19:37 - 2014-02-02 12:10 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-02-12 19:37 - 2014-02-02 12:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-02-12 19:37 - 2014-02-02 12:10 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 19:37 - 2014-02-02 12:10 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2014-02-12 19:37 - 2014-02-01 14:54 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-02-12 19:37 - 2014-02-01 14:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 19:37 - 2014-02-01 14:47 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 19:37 - 2014-02-01 14:46 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 19:37 - 2014-02-01 14:46 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-02-12 19:37 - 2013-12-22 07:42 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 19:37 - 2013-12-04 18:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-09 12:00 - 2014-03-01 22:50 - 00000000 ____D () C:\a

==================== One Month Modified Files and Folders =======

2014-03-03 00:08 - 2014-03-03 00:08 - 00022766 _____ () C:\Users\Seward\Downloads\FRST.txt
2014-03-03 00:08 - 2014-03-03 00:08 - 00000000 ____D () C:\FRST
2014-03-03 00:07 - 2014-03-03 00:07 - 01145344 _____ (Farbar) C:\Users\Seward\Downloads\FRST.exe
2014-03-03 00:05 - 2006-11-02 04:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-03 00:05 - 2006-11-02 04:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-02 23:33 - 2012-03-29 05:22 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-02 23:13 - 2010-09-04 12:33 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA.job
2014-03-02 23:11 - 2010-08-31 22:39 - 01097903 _____ () C:\Windows\WindowsUpdate.log
2014-03-02 23:02 - 2013-07-03 16:51 - 00000000 ____D () C:\Users\Seward\Downloads\starcraft
2014-03-02 22:13 - 2014-02-27 20:13 - 00000000 ____D () C:\Users\Seward\Documents\TurboTax
2014-03-02 22:12 - 2011-08-23 21:02 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA.job
2014-03-02 20:17 - 2010-10-17 21:33 - 00000000 ____D () C:\Windows\system32\Drivers\AVG
2014-03-02 20:13 - 2010-09-04 12:33 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core.job
2014-03-02 16:12 - 2011-08-23 21:02 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core.job
2014-03-02 11:55 - 2006-11-02 02:33 - 00918670 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-02 11:27 - 2014-03-02 10:46 - 00001590 _____ () C:\Windows\setupact.log
2014-03-02 10:46 - 2014-03-02 10:46 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-01 23:32 - 2014-03-01 23:32 - 00000123 _____ () C:\Users\Seward\Desktop\programs new pc.txt
2014-03-01 23:09 - 2014-03-01 23:09 - 00001950 _____ () C:\Users\Seward\Desktop\HiJackThis.lnk
2014-03-01 23:09 - 2014-03-01 23:09 - 00000000 ____D () C:\Users\Seward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-03-01 23:09 - 2014-03-01 23:09 - 00000000 ____D () C:\Program Files\Trend Micro
2014-03-01 23:08 - 2014-03-01 23:08 - 01402880 _____ () C:\Users\Seward\Downloads\HijackThis.msi
2014-03-01 23:05 - 2014-03-01 23:05 - 00007765 _____ () C:\Users\Seward\Desktop\attach.txt
2014-03-01 23:04 - 2014-03-01 23:05 - 00014397 _____ () C:\Users\Seward\Desktop\dds.txt
2014-03-01 23:02 - 2014-03-01 23:02 - 00921000 _____ (Oracle Corporation) C:\Users\Seward\Downloads\chromeinstall-7u51.exe
2014-03-01 23:01 - 2014-03-01 23:01 - 00688992 ____R (Swearware) C:\Users\Seward\Downloads\dds.scr
2014-03-01 23:00 - 2014-03-01 19:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-01 22:54 - 2006-11-02 05:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-01 22:53 - 2014-03-01 22:53 - 00001966 _____ () C:\Windows\PFRO.log
2014-03-01 22:53 - 2009-04-29 22:10 - 00000000 ____D () C:\Windows\Sun
2014-03-01 22:52 - 2006-11-02 05:01 - 00032584 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-01 22:50 - 2014-02-09 12:00 - 00000000 ____D () C:\a
2014-03-01 19:06 - 2014-03-01 19:06 - 00000000 ____D () C:\Users\Seward\AppData\Roaming\Malwarebytes
2014-03-01 19:05 - 2014-03-01 19:05 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Seward\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-01 19:05 - 2014-03-01 19:05 - 00000906 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-01 19:05 - 2014-03-01 19:05 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-01 19:03 - 2008-09-06 21:24 - 00000000 ____D () C:\Windows\Minidump
2014-03-01 18:41 - 2006-11-02 04:47 - 00404616 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-27 23:54 - 2006-11-02 03:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-27 20:53 - 2014-02-27 20:53 - 00111360 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-02-27 20:52 - 2014-02-27 20:13 - 00000286 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2014-02-27 20:12 - 2014-02-27 20:12 - 00000000 ____D () C:\Users\Seward\AppData\Roaming\Intuit
2014-02-27 20:10 - 2014-02-27 20:10 - 00001882 _____ () C:\Users\Public\Desktop\TurboTax 2013.lnk
2014-02-27 20:09 - 2014-02-27 20:09 - 00000000 ____D () C:\Program Files\Common Files\Intuit
2014-02-27 20:09 - 2014-02-27 20:07 - 00000000 ____D () C:\ProgramData\Intuit
2014-02-27 20:08 - 2014-02-27 20:08 - 00000000 ____D () C:\Program Files\TurboTax
2014-02-21 19:32 - 2012-03-29 05:22 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-21 19:32 - 2011-06-12 04:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-12 22:59 - 2014-01-17 13:23 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-12 22:59 - 2008-08-22 12:50 - 00000000 ____D () C:\Users\Seward\AppData\Roaming\Mozilla
2014-02-12 22:58 - 2014-01-08 08:40 - 00000000 ____D () C:\Users\Seward\AppData\Local\Citrix
2014-02-12 22:56 - 2008-10-15 08:43 - 00000000 ____D () C:\Users\Seward\AppData\Roaming\Media Player Classic
2014-02-12 22:54 - 2014-02-12 22:54 - 04721920 _____ (Piriform Ltd) C:\Users\Seward\Downloads\ccsetup410.exe
2014-02-12 22:54 - 2008-09-08 22:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-12 22:47 - 2010-10-17 21:33 - 00000000 ____D () C:\ProgramData\AVG10
2014-02-12 20:38 - 2013-08-06 02:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-12 20:27 - 2006-11-02 02:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-02-09 11:59 - 2008-10-10 08:46 - 00000000 ____D () C:\Users\Seward\AppData\Roaming\Apple Computer
2014-02-06 20:48 - 2010-10-08 10:21 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-02-02 12:10 - 2014-02-12 19:37 - 11111424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 06019584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 02005504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-02 12:10 - 2014-02-12 19:37 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2014-02-01 14:54 - 2014-02-12 19:37 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-02-01 14:47 - 2014-02-12 19:37 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-01 14:47 - 2014-02-12 19:37 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-01 14:46 - 2014-02-12 19:37 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-01 14:46 - 2014-02-12 19:37 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-02 23:12

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-03-2014
Ran by Seward at 2014-03-03 00:09:18
Running from C:\Users\Seward\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG Anti-Virus Free Edition 2011 (Enabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: AVG Anti-Virus Free Edition 2011 (Enabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Acrobat.com (HKLM\...\{27F00C63-449B-2FAB-CBE8-24AB80E17449}) (Version: 1.7.258 - Adobe Systems Incorporated)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Ad-Aware (HKLM\...\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}) (Version: 7.1.0.7 - Lavasoft)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}) (Version: 10.2.0.023 - Adobe Systems, Inc.)
AIM 7 (HKLM\...\AIM_7) (Version: - )
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
AVG 2011 (HKLM\...\AVG) (Version: 10.0.1432 - AVG Technologies)
AVG 2011 (Version: 10.0.1432 - AVG Technologies) Hidden
AVG 2011 (Version: 10.0.3705 - AVG Technologies) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Cards_Calendar_OrderGift_DoMorePlugout (Version: 1.00.0000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Cisco WebEx Meetings (HKCU\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Citrix Online Launcher (HKLM\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.36.7.60 - Conexant)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.2519 - CyberLink Corp.)
CyberLink YouCam (Version: 2.0.2519 - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version: - Microsoft)
DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.0928 - CyberLink Corp.)
Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Fotobounce (HKLM\...\{1A89C6BC-8B49-4B54-9BB2-613F7825C50E}) (Version: 2.0.0 - Applied Recognition)
GDR 1617 for SQL Server 2008 R2 (KB2494088) (HKLM\...\KB2494088) (Version: 10.50.1617.0 - Microsoft Corporation)
Google Chrome (HKCU\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Talk Plugin (HKLM\...\{CCE68200-4ED0-3E0A-A7F2-504897E356AB}) (Version: 5.1.5.17733 - Google)
Hauppauge MCE XP/Vista Software Encoder (2.0.25149) (HKLM\...\Hauppauge MCE2005 Software Encoder) (Version: 2.0.25149 - Hauppauge Computer Works, Inc.)
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_HERMOSA_HSF) (Version: - )
Hewlett-Packard Active Check (Version: 1.1.11.0 - Hewlett-Packard) Hidden
Hewlett-Packard Asset Agent for Health Check (Version: 2.0.62.5 - HP) Hidden
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HP Active Support Library (HKLM\...\{11BB336F-0E58-4977-B866-F24FA334616B}) (Version: 2.3.0.2 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{BD0E2B92-3814-46F0-893B-4612EA010C7E}) (Version: 5.4.0.2430 - Hewlett-Packard)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.02.0001 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM\...\{9885A11E-60E4-417C-B58B-8B31B21C0B8A}) (Version: 5.4.0.2430 - Hewlett-Packard)
HP Help and Support (HKLM\...\{31216452-5540-4C96-B754-94890A63D5AB}) (Version: 2.0.10.0 - Hewlett-Packard)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Photosmart Essential 2.5 (Version: 1.02.0000 - Hewlett-Packard) Hidden
HP Quick Launch Buttons 6.30 E1 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.30 E1 - Hewlett-Packard)
HP QuickPlay 3.6 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: - )
HP QuickTouch 1.00 C4 (HKLM\...\{7DC4A410-9986-4329-9E5D-687B2C42CA39}) (Version: 1.0.7 - Hewlett-Packard)
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 3.0.17.0 - Hewlett-Packard)
HP Smart Web Printing (Version: 3.0.17.0 - Hewlett-Packard) Hidden
HP Total Care Advisor (HKLM\...\{b02df929-29a7-4fd2-9a70-81a644b635f7}) (Version: 1.4.19.2433 - Hewlett-Packard)
HP Update (HKLM\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HP User Guides 0090 (HKLM\...\{B53620C0-3A83-4F50-A7AB-175DB64C1CE3}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}) (Version: 3.00 H2 - Hewlett-Packard)
HPNetworkAssistant (HKLM\...\{228C6B46-64E2-404E-898A-EF0830603EF4}) (Version: 1.1.70 - Hewlett-Packard.)
HPPhotoSmartDiscLabel_PaperLabel (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_Tattoo (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (Version: 2.02.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookHolidayPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookModernPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookPlayfulPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookScrapbookPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookWebPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
ICCup Launcher (HKLM\...\ICCup Launcher_is1) (Version: 1.6 - ICCup)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 2 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160020}) (Version: 1.6.0.20 - Sun Microsystems, Inc.)
Java(TM) 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.290 - Sun Microsystems, Inc.)
Java(TM) SE Development Kit 7 Update 1 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170010}) (Version: 1.7.0.10 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.20.2128 - CyberLink Corp.)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 10.22.4.3 - Marvell)
Media Player Codec Pack 4.2.7 (HKLM\...\Media Player - Codec Pack) (Version: 4.2.7 - Media Player Codec Pack)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (HKLM\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Report Viewer Redistributable 2008 (KB971119) (Version: 9.0.30731 - Microsoft Corporation) Hidden
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version: - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (Version: - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Books Online (HKLM\...\{74F7B314-0507-4F91-9A4E-B6C9B027E410}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{046755CA-F677-4B7F-AF9A-6AB295A02A30}) (Version: 10.50.1617.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Policies (HKLM\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{76866BE3-B2C7-40BB-B267-927792AED0C3}) (Version: 10.50.1617.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{47BE41E6-2F0F-4D17-9C2D-3850FFD9D405}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 (x86) (HKLM\...\{A8BD5A60-E843-46DC-8271-ABF20756BE0F}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 (x86) (HKLM\...\{C89B00A2-B72A-4935-96FC-38796E9554EC}) (Version: 2.0.1215.0 - Microsoft Corporation)
Microsoft VC9 runtime libraries (Version: 1.0.0 - AOL LLC) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual Studio 2008 Shell (integrated mode) - ENU (HKLM\...\{BA0C9AAF-1327-3F06-B49C-349B4BE8F740}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee autoProducer 6.1 (HKLM\...\{250E9609-E830-43EB-B379-DAB7546A2422}) (Version: 6.10.050 - muvee Technologies)
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: HPCMPQ1902 - WildTangent)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.46 - BVRP Software, Inc)
Notepad++ (HKLM\...\Notepad++) (Version: 5.9.6.2 - )
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
Real Alternative 2.0.2 (HKLM\...\RealAlt_is1) (Version: 2.0.2 - )
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.52.02 - )
Ruby 1.9.3-p448 (HKCU\...\{17E73B15-62D2-43FD-B851-ACF86A8C9D25}_is1) (Version: 1.9.3-p448 - RubyInstaller Team)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.22.0 - SAMSUNG Electronics Co., Ltd.)
Secure Download Manager (HKLM\...\{6CEF2BC6-8929-44EE-8360-175513E1A49A}) (Version: 3.0.5 - e-academy Inc.)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.9 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.9.106 - Skype Technologies S.A.)
SQL Server 2008 R2 Analysis Services (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 BI Development Studio (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Client Tools (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Common Files (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Services (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Shared (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Full text search (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Integration Services (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Management Studio (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Reporting Services (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SSH Secure Shell (HKLM\...\{74E2CD0C-D4A2-11D3-95A6-0000E86CFDE5}) (Version: - )
Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - )
TurboTax 2013 (HKLM\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2013 wcaiper (Version: 013.000.1149 - Intuit Inc.) Hidden
TurboTax 2013 WinPerFedFormset (Version: 013.000.1790 - Intuit Inc.) Hidden
TurboTax 2013 WinPerReleaseEngine (Version: 013.000.0463 - Intuit Inc.) Hidden
TurboTax 2013 WinPerTaxSupport (Version: 013.000.0162 - Intuit Inc.) Hidden
TurboTax 2013 wrapper (Version: 013.000.0135 - Intuit Inc.) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
VLC media player 1.1.3 (HKLM\...\VLC media player) (Version: 1.1.3 - VideoLAN)
WeatherBug Gadget (Version: 1.0.0.6 - AWS Convergence Technologies) Hidden
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

==================== Restore Points =========================

05-02-2014 18:28:47 Scheduled Checkpoint
10-02-2014 18:03:27 Scheduled Checkpoint
12-02-2014 04:50:26 Scheduled Checkpoint
13-02-2014 04:04:07 Scheduled Checkpoint
13-02-2014 04:16:37 Windows Update
16-02-2014 05:09:44 Scheduled Checkpoint
18-02-2014 18:12:54 Scheduled Checkpoint
19-02-2014 18:04:01 Scheduled Checkpoint
23-02-2014 22:02:53 Scheduled Checkpoint
25-02-2014 04:08:11 Scheduled Checkpoint
26-02-2014 11:00:36 Windows Update
27-02-2014 04:47:34 Windows Update
28-02-2014 04:09:04 Installed TurboTax 2013 wrapper
28-02-2014 04:58:14 Installed TurboTax 2013 wcaiper
02-03-2014 07:08:56 Installed HiJackThis
03-03-2014 03:20:15 Scheduled Checkpoint

==================== Hosts content: ==========================

2006-11-02 02:23 - 2006-09-18 13:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {04699375-5AFB-4BAF-9F2A-09D8C0497F4E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {0C3AF200-FADC-49E5-880E-DEE192C8B79A} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {11893D5E-54A0-4C6B-AB0D-D9FA527334A9} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {1B4DD3E3-39B7-49E4-8614-9E7E92232E6B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc <==== ATTENTION
Task: {1C3D4F82-9546-4CB6-8A11-FFFF5ACED01E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA => C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-04] (Google Inc.) <==== ATTENTION
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {2321AC5F-26AE-4545-90CE-A37752D6D361} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] () <==== ATTENTION
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3C4703EE-3492-4B04-8E1A-A3F3C0F34BA6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core => C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-04] (Google Inc.) <==== ATTENTION
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {4CFDC0C7-6870-4678-8DB8-35F77C8031A2} - System32\Tasks\User_Feed_Synchronization-{261A6D4F-9145-4072-92B6-5F1E570844E9} => C:\Windows\system32\msfeedssync.exe [2014-02-01] (Microsoft Corporation) <==== ATTENTION
Task: {4D7BC85C-5A41-4963-8CDD-6D9D55F757DB} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\BthUdTask.exe [2009-04-10] (Microsoft Corporation) <==== ATTENTION
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs [2008-01-20] () <==== ATTENTION
Task: {57030356-4699-4E1F-9939-F9D4460CD4DA} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {5936C79A-731F-4716-BE59-35B58194ECE5} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {74741983-CE0F-4014-BC20-7F0334C2A495} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA => C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.) <==== ATTENTION
Task: {78DABEC8-68B8-4590-81BD-4532D98F07C2} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\Windows\system32\DFDWiz.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {8017A61C-13BD-45FB-811D-B6DB0DCAE6BC} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\Windows\system32\lpremove.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {8531C02A-F529-4346-B16D-319A127D220F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd) <==== ATTENTION
Task: {858BD5FB-61C3-4D83-8392-B9855BE4DF1D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe [2009-04-10] (Microsoft Corporation) <==== ATTENTION
Task: {89194558-47E7-4A9E-B507-6C91CE4E6504} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\Windows\System32\wsqmcons.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {99B9521C-F109-4B7B-BDDF-99CF656525E0} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\Windows\system32\defrag.exe [2008-01-20] (Microsoft Corp.) <==== ATTENTION
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries <==== ATTENTION
Task: {B0C3FDC1-6390-43BE-927C-2CCE6A3E7B91} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {BF1F143E-1DA6-4839-9637-4C76E90CBD94} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION
Task: {C3AFD228-6280-47EC-B81D-5969294364F8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated) <==== ATTENTION
Task: {D4AEE3E4-A742-467F-A264-5BEDF2A9A58E} - System32\Tasks\{CAE2C2B7-2B79-4BE7-9028-60DBD273137C} => C:\Windows\system32\pcalua.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] () <==== ATTENTION
Task: {ED31815B-D641-45BC-BBB0-C512D9E6DB34} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-20] (Microsoft Corp.) <==== ATTENTION
Task: {F493F569-3741-4BE1-81D2-064CB62A410E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core => C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.) <==== ATTENTION
Task: {F55F85D3-8FDE-479E-82E0-A9BB339AA8E2} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => Sc.exe config upnphost start= auto <==== ATTENTION
Task: {FBBCF8E5-5D94-41C2-851E-73BD6697474E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core.job => C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA.job => C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core.job => C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA.job => C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{261A6D4F-9145-4072-92B6-5F1E570844E9}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-09-24 19:19 - 2011-05-28 21:04 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
2013-04-18 14:42 - 2013-04-18 14:42 - 00048248 _____ () C:\Windows\System32\C2MP\UpdateChecker.exe
2007-05-16 10:43 - 2007-05-16 10:43 - 00677432 ____R () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
2011-02-10 06:55 - 2011-02-10 06:55 - 01148256 _____ () C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
2014-02-21 19:39 - 2014-02-19 17:02 - 00051016 _____ () C:\Users\Seward\AppData\Local\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
2014-02-21 19:39 - 2014-02-19 17:03 - 04060488 _____ () C:\Users\Seward\AppData\Local\Google\Chrome\Application\33.0.1750.117\pdf.dll
2014-02-21 19:39 - 2014-02-19 17:03 - 00394568 _____ () C:\Users\Seward\AppData\Local\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
2014-02-21 19:39 - 2014-02-19 17:02 - 01647432 _____ () C:\Users\Seward\AppData\Local\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll
2013-11-30 21:57 - 2013-11-30 21:57 - 04591616 _____ () C:\Users\Seward\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libglesv2.dll
2013-11-30 21:57 - 2013-11-30 21:57 - 00112128 _____ () C:\Users\Seward\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libegl.dll
2013-10-20 13:06 - 2013-07-06 15:53 - 00083968 _____ () C:\Ruby193\bin\ZLIB1.dll
2013-07-03 17:01 - 2013-03-06 19:08 - 00114688 _____ () C:\Program Files\ICCup\Launcher\RepAnalyser.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aawservice => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: WSearch => 2
MSCONFIG\startupfolder: C:^Users^Seward^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TokBox.lnk => C:\Windows\pss\TokBox.lnk.Startup
MSCONFIG\startupreg: WinampAgent => "C:\Program Files\Winamp\winampa.exe"

==================== Faulty Device Manager Devices =============

Name: Microsoft 6to4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: AZLTDURB IDE Controller
Description: AZLTDURB IDE Controller
Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard mass storage controllers)
Service: afucvyr4
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/02/2014 05:37:55 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 188512

Error: (03/02/2014 05:37:55 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 188512

Error: (03/02/2014 05:37:55 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/02/2014 05:37:53 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 187514

Error: (03/02/2014 05:37:53 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 187514

Error: (03/02/2014 05:37:53 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/02/2014 05:37:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 186515

Error: (03/02/2014 05:37:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 186515

Error: (03/02/2014 05:37:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/02/2014 05:37:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 185501


System errors:
=============
Error: (03/02/2014 11:18:34 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer YUAN-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{42F48A52-723F-400C-ADC5-27B3FACC4B.
The master browser is stopping or an election is being forced.

Error: (03/02/2014 11:11:32 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0x8000002a46\SystemRoot\System32\Config\RegBack\COMPONENTS

Error: (03/02/2014 10:05:56 AM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{42F48A52-723F-400C-ADC5-27B3FACC4B03} because another computer on the network has the same name. The server could not start.

Error: (03/01/2014 11:04:36 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer YUAN-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{42F48A52-723F-400C-ADC5-27B3FACC4B.
The master browser is stopping or an election is being forced.

Error: (03/01/2014 10:55:19 PM) (Source: Service Control Manager) (User: )
Description: QuickPlay Task Scheduler (QTS)QuickPlay Background Capture Service (QBCS)%%2

Error: (03/01/2014 10:55:19 PM) (Source: Service Control Manager) (User: )
Description: QuickPlay Background Capture Service (QBCS)%%2

Error: (03/01/2014 10:55:19 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (03/01/2014 06:42:36 PM) (Source: Service Control Manager) (User: )
Description: QuickPlay Task Scheduler (QTS)QuickPlay Background Capture Service (QBCS)%%2

Error: (03/01/2014 06:42:36 PM) (Source: Service Control Manager) (User: )
Description: QuickPlay Background Capture Service (QBCS)%%2

Error: (03/01/2014 06:42:36 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058


Microsoft Office Sessions:
=========================
Error: (03/02/2014 05:37:55 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 188512

Error: (03/02/2014 05:37:55 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 188512

Error: (03/02/2014 05:37:55 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/02/2014 05:37:53 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 187514

Error: (03/02/2014 05:37:53 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 187514

Error: (03/02/2014 05:37:53 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/02/2014 05:37:52 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 186515

Error: (03/02/2014 05:37:52 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 186515

Error: (03/02/2014 05:37:52 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/02/2014 05:37:51 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 185501


CodeIntegrity Errors:
===================================
Date: 2014-03-03 00:08:48.843
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-03-03 00:08:48.467
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-03-03 00:08:48.115
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-03-03 00:08:47.736
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-03-03 00:08:46.323
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSDriver.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-03-03 00:08:45.963
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSDriver.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-03-03 00:08:45.607
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSDriver.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-03-03 00:08:45.261
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSDriver.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-03-01 23:11:54.386
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-03-01 23:11:54.030
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 59%
Total physical RAM: 3061.61 MB
Available physical RAM: 1254.64 MB
Total Pagefile: 6333.49 MB
Available Pagefile: 4091.89 MB
Total Virtual: 2047.88 MB
Available Virtual: 1901.42 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:221.2 GB) (Free:54.71 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (HP_RECOVERY) (Fixed) (Total:11.68 GB) (Free:1.99 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 233 GB) (Disk ID: 04ACE2E4)
Partition 1: (Active) - (Size=221 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=12 GB) - (Type=07 NTFS)

==================== End Of Log ============================
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12979
 
   Posted 3/3/2014 12:00 PM (GMT +3)
I'm honestly not sure what you meant to put in fixlist.txt. Can you be a little more specific? Do I copy paste FRST and Addition into fixlist.txt?




It is understandable, as it was my fault, because fixlist files are meant to be created as a fix, as below.



Open notepad and copy/paste the text present inside the code box below.
To do this highlight the contents of the box and right click on it. Paste this into the open notepad.



 start
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: J - J:\LaunchU3.exe -a
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {21a3c60a-dba5-11e2-8e2a-001d726593f6} - F:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {400a7b8e-4d1f-11e3-b195-001d726593f6} - G:\iLinker.exe
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {59bfd62d-e78c-11e1-ba08-001d726593f6} - "L:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {59bfd645-e78c-11e1-ba08-001d726593f6} - "N:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {5dd2a826-c42b-11df-bc41-001d726593f6} - G:\SETUP.EXE
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {6dbb92f1-2f7c-11e1-b4d8-001d726593f6} - "L:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {855eae7b-12c4-11e2-9a36-001d726593f6} - K:\TL_Bootstrap.exe
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {855eaf65-12c4-11e2-9a36-001d726593f6} - K:\TL_Bootstrap.exe
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {a15dc4ed-2e71-11e1-be64-001d726593f6} - K:\TLBootstrap_WPP.exe
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {d0b53275-f595-11e2-bcc5-001d726593f6} - F:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {d3a64da1-1d03-11de-b2aa-001d726593f6} - F:\SETUP.EXE
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {ee406826-8e8f-11dd-8846-001d726593f6} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION!
U3 afucvyr4; No ImagePath
U3 mbr; \??\C:\Users\Seward\AppData\Local\Temp\mbr.sys [X]
Task: {04699375-5AFB-4BAF-9F2A-09D8C0497F4E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {0C3AF200-FADC-49E5-880E-DEE192C8B79A} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {11893D5E-54A0-4C6B-AB0D-D9FA527334A9} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {1B4DD3E3-39B7-49E4-8614-9E7E92232E6B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc <==== ATTENTION
Task: {1C3D4F82-9546-4CB6-8A11-FFFF5ACED01E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA => C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-04] (Google Inc.) <==== ATTENTION
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {2321AC5F-26AE-4545-90CE-A37752D6D361} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] () <==== ATTENTION
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3C4703EE-3492-4B04-8E1A-A3F3C0F34BA6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core => C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-04] (Google Inc.) <==== ATTENTION
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {4CFDC0C7-6870-4678-8DB8-35F77C8031A2} - System32\Tasks\User_Feed_Synchronization-{261A6D4F-9145-4072-92B6-5F1E570844E9} => C:\Windows\system32\msfeedssync.exe [2014-02-01] (Microsoft Corporation) <==== ATTENTION
Task: {4D7BC85C-5A41-4963-8CDD-6D9D55F757DB} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\BthUdTask.exe [2009-04-10] (Microsoft Corporation) <==== ATTENTION
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs [2008-01-20] () <==== ATTENTION
Task: {57030356-4699-4E1F-9939-F9D4460CD4DA} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {5936C79A-731F-4716-BE59-35B58194ECE5} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {74741983-CE0F-4014-BC20-7F0334C2A495} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA => C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.) <==== ATTENTION
Task: {78DABEC8-68B8-4590-81BD-4532D98F07C2} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\Windows\system32\DFDWiz.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {8017A61C-13BD-45FB-811D-B6DB0DCAE6BC} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\Windows\system32\lpremove.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {8531C02A-F529-4346-B16D-319A127D220F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd) <==== ATTENTION
Task: {858BD5FB-61C3-4D83-8392-B9855BE4DF1D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe [2009-04-10] (Microsoft Corporation) <==== ATTENTION
Task: {89194558-47E7-4A9E-B507-6C91CE4E6504} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\Windows\System32\wsqmcons.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {99B9521C-F109-4B7B-BDDF-99CF656525E0} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\Windows\system32\defrag.exe [2008-01-20] (Microsoft Corp.) <==== ATTENTION
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries <==== ATTENTION
Task: {B0C3FDC1-6390-43BE-927C-2CCE6A3E7B91} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {BF1F143E-1DA6-4839-9637-4C76E90CBD94} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION
Task: {C3AFD228-6280-47EC-B81D-5969294364F8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated) <==== ATTENTION
Task: {D4AEE3E4-A742-467F-A264-5BEDF2A9A58E} - System32\Tasks\{CAE2C2B7-2B79-4BE7-9028-60DBD273137C} => C:\Windows\system32\pcalua.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] () <==== ATTENTION
Task: {ED31815B-D641-45BC-BBB0-C512D9E6DB34} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-20] (Microsoft Corp.) <==== ATTENTION
Task: {F493F569-3741-4BE1-81D2-064CB62A410E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core => C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.) <==== ATTENTION
Task: {F55F85D3-8FDE-479E-82E0-A9BB339AA8E2} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => Sc.exe config upnphost start= auto <==== ATTENTION
Task: {FBBCF8E5-5D94-41C2-851E-73BD6697474E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core.job => C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA.job => C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core.job => C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA.job => C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{261A6D4F-9145-4072-92B6-5F1E570844E9}.job => C:\Windows\system32\msfeedssync.exe
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
end


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system.

Save notepad as fixlist.txt
NOTE: It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.


Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after the restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach it to your reply.

Note: If the tool warns you about an outdated version, please download and run the updated version.





Please download AdwCleaner by Xplode and save it to your Desktop.

Double click on AdwCleaner.exe to run the tool.
• Click on the Scan button.
• After the scan has finished, click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
• After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
• The logfile will also be saved in the C:\AdwCleaner folder.

Please post it in your next reply.


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
Do not PM me with logfiles. They will be deleted. 
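
A pre-flight review of a fixlist.txt before the Fix button is pressed, as an added example that is not part of the original post and not part of FRST. It groups the lines by the shapes seen in the fixlist above and lists what each scheduled-task line points at; the category names, function names and the sample values are assumptions constructed for illustration.

```python
import ntpath
import re
from collections import Counter

# Constructed sample: same line shapes as the fixlist in the post, with
# placeholder SIDs, GUIDs, names and paths (not values from the thread).
SAMPLE_FIXLIST = r"""start
HKU\S-1-5-21-1111111111-2222222222-333333333-1000\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-1111111111-2222222222-333333333-1000\...\MountPoints2: {00000000-0000-0000-0000-000000000001} - G:\SETUP.EXE
HKU\S-1-5-21-1111111111-2222222222-333333333-1000\...000000000000\InprocServer32: [Default-shell32] <==== ATTENTION!
U3 exampledrv; No ImagePath
Task: {00000000-0000-0000-0000-000000000002} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\Windows\system32\defrag.exe [2008-01-20] (Microsoft Corp.) <==== ATTENTION
Task: {00000000-0000-0000-0000-000000000003} - System32\Tasks\ExampleUpdater => C:\ProgramData\Example\upd.exe [2013-01-17] () <==== ATTENTION
Task: {00000000-0000-0000-0000-000000000004} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: C:\Windows\Tasks\ExampleUpdater.job => C:\ProgramData\Example\upd.exe
AlternateDataStreams: C:\ProgramData\TEMP:0A0A0A0A
end
"""

# Task line: entry, then optional "=> target", "[date]", "(publisher)", flag.
TASK_RE = re.compile(
    r"^Task: (?P<entry>.+?)"
    r"(?: => (?P<target>.+?))?"
    r"(?: \[(?P<date>\d{4}-\d{2}-\d{2})\])?"
    r"(?: \((?P<publisher>[^)]*)\))?"
    r"(?: <==== ATTENTION)?$"
)


def fixlist_body(text):
    """Return the directive lines between the start and end markers."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if not lines or lines[0].lower() != "start":
        raise ValueError("fixlist does not begin with the start marker")
    if lines[-1].lower() != "end":
        raise ValueError("fixlist does not finish with the end marker (truncated paste?)")
    return lines[1:-1]


def classify(line):
    """Label a line by its shape; the labels are this example's own."""
    if line.startswith("Task: "):
        return "scheduled_task"
    if line.startswith("AlternateDataStreams: "):
        return "alternate_data_stream"
    if re.match(r"^HK(LM|U|CR)\\", line):
        return "mountpoints2" if "\\MountPoints2: " in line else "registry"
    if re.match(r"^[A-Z]\d \S+; ", line):  # the post shows two "U3 name; ..." lines
        return "service_or_driver"
    return "unrecognised"


def review(text):
    """Summarise a fixlist: counts per category, task targets, odd lines."""
    counts, tasks, unrecognised = Counter(), [], []
    for line in fixlist_body(text):
        kind = classify(line)
        counts[kind] += 1
        if kind == "scheduled_task":
            m = TASK_RE.match(line)
            target = m.group("target")
            tasks.append({
                "entry": m.group("entry"),
                "target": target,
                "publisher": m.group("publisher"),
                # True when the task runs a binary from the Windows directory.
                "targets_windows_dir": bool(
                    target and re.match(r"^[a-z]:\\windows\\", target, re.I)
                ),
            })
        elif kind == "unrecognised":
            unrecognised.append(line)
    return {"counts": dict(counts), "tasks": tasks, "unrecognised": unrecognised}


def same_folder(frst_path, fixlist_path):
    """The post's NOTE: FRST and fixlist.txt must sit in the same location."""
    def folder(p):
        return ntpath.normcase(ntpath.dirname(ntpath.normpath(p)))
    return folder(frst_path) == folder(fixlist_path)


if __name__ == "__main__":
    result = review(SAMPLE_FIXLIST)
    for kind, n in sorted(result["counts"].items()):
        print(f"{kind:22} {n}")
    for t in result["tasks"]:
        print(t["entry"], "->", t["target"], "| publisher:", t["publisher"])
```
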

 

 

uvideovirus
New Member


Date Joined Mar 2014
Total Posts : 5
 
   Posted 3/4/2014 6:48 AM (GMT +3)
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 03-03-2014
Ran by Seward at 2014-03-03 19:12:47 Run:1
Running from C:\Users\Seward\Downloads
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: J - J:\LaunchU3.exe -a
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {21a3c60a-dba5-11e2-8e2a-001d726593f6} - F:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {400a7b8e-4d1f-11e3-b195-001d726593f6} - G:\iLinker.exe
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {59bfd62d-e78c-11e1-ba08-001d726593f6} - "L:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {59bfd645-e78c-11e1-ba08-001d726593f6} - "N:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {5dd2a826-c42b-11df-bc41-001d726593f6} - G:\SETUP.EXE
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {6dbb92f1-2f7c-11e1-b4d8-001d726593f6} - "L:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {855eae7b-12c4-11e2-9a36-001d726593f6} - K:\TL_Bootstrap.exe
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {855eaf65-12c4-11e2-9a36-001d726593f6} - K:\TL_Bootstrap.exe
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {a15dc4ed-2e71-11e1-be64-001d726593f6} - K:\TLBootstrap_WPP.exe
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {d0b53275-f595-11e2-bcc5-001d726593f6} - F:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {d3a64da1-1d03-11de-b2aa-001d726593f6} - F:\SETUP.EXE
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {ee406826-8e8f-11dd-8846-001d726593f6} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION!
U3 afucvyr4; No ImagePath
U3 mbr; \??\C:\Users\Seward\AppData\Local\Temp\mbr.sys [X]
Task: {04699375-5AFB-4BAF-9F2A-09D8C0497F4E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {0C3AF200-FADC-49E5-880E-DEE192C8B79A} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {11893D5E-54A0-4C6B-AB0D-D9FA527334A9} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {1B4DD3E3-39B7-49E4-8614-9E7E92232E6B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc <==== ATTENTION
Task: {1C3D4F82-9546-4CB6-8A11-FFFF5ACED01E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA => C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-04] (Google Inc.) <==== ATTENTION
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {2321AC5F-26AE-4545-90CE-A37752D6D361} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] () <==== ATTENTION
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3C4703EE-3492-4B04-8E1A-A3F3C0F34BA6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core => C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-04] (Google Inc.) <==== ATTENTION
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {4CFDC0C7-6870-4678-8DB8-35F77C8031A2} - System32\Tasks\User_Feed_Synchronization-{261A6D4F-9145-4072-92B6-5F1E570844E9} => C:\Windows\system32\msfeedssync.exe [2014-02-01] (Microsoft Corporation) <==== ATTENTION
Task: {4D7BC85C-5A41-4963-8CDD-6D9D55F757DB} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\BthUdTask.exe [2009-04-10] (Microsoft Corporation) <==== ATTENTION
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs [2008-01-20] () <==== ATTENTION
Task: {57030356-4699-4E1F-9939-F9D4460CD4DA} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {5936C79A-731F-4716-BE59-35B58194ECE5} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {74741983-CE0F-4014-BC20-7F0334C2A495} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA => C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.) <==== ATTENTION
Task: {78DABEC8-68B8-4590-81BD-4532D98F07C2} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\Windows\system32\DFDWiz.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {8017A61C-13BD-45FB-811D-B6DB0DCAE6BC} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\Windows\system32\lpremove.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {8531C02A-F529-4346-B16D-319A127D220F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd) <==== ATTENTION
Task: {858BD5FB-61C3-4D83-8392-B9855BE4DF1D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe [2009-04-10] (Microsoft Corporation) <==== ATTENTION
Task: {89194558-47E7-4A9E-B507-6C91CE4E6504} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\Windows\System32\wsqmcons.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {99B9521C-F109-4B7B-BDDF-99CF656525E0} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\Windows\system32\defrag.exe [2008-01-20] (Microsoft Corp.) <==== ATTENTION
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries <==== ATTENTION
Task: {B0C3FDC1-6390-43BE-927C-2CCE6A3E7B91} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {BF1F143E-1DA6-4839-9637-4C76E90CBD94} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION
Task: {C3AFD228-6280-47EC-B81D-5969294364F8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated) <==== ATTENTION
Task: {D4AEE3E4-A742-467F-A264-5BEDF2A9A58E} - System32\Tasks\{CAE2C2B7-2B79-4BE7-9028-60DBD273137C} => C:\Windows\system32\pcalua.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] () <==== ATTENTION
Task: {ED31815B-D641-45BC-BBB0-C512D9E6DB34} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-20] (Microsoft Corp.) <==== ATTENTION
Task: {F493F569-3741-4BE1-81D2-064CB62A410E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core => C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.) <==== ATTENTION
Task: {F55F85D3-8FDE-479E-82E0-A9BB339AA8E2} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => Sc.exe config upnphost start= auto <==== ATTENTION
Task: {FBBCF8E5-5D94-41C2-851E-73BD6697474E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core.job => C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA.job => C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core.job => C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA.job => C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{261A6D4F-9145-4072-92B6-5F1E570844E9}.job => C:\Windows\system32\msfeedssync.exe
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
end
*****************

HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-2839089444-2725325661-240080684-1000 => Key not found.
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-2839089444-2725325661-240080684-1000 => Key not found.
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a3c60a-dba5-11e2-8e2a-001d726593f6} => Key deleted successfully.
HKCR\CLSID\{21a3c60a-dba5-11e2-8e2a-001d726593f6} => Key not found.
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{400a7b8e-4d1f-11e3-b195-001d726593f6} => Key deleted successfully.
HKCR\CLSID\{400a7b8e-4d1f-11e3-b195-001d726593f6} => Key not found.
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{59bfd62d-e78c-11e1-ba08-001d726593f6} => Key deleted successfully.
HKCR\CLSID\{59bfd62d-e78c-11e1-ba08-001d726593f6} => Key not found.
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{59bfd645-e78c-11e1-ba08-001d726593f6} => Key deleted successfully.
HKCR\CLSID\{59bfd645-e78c-11e1-ba08-001d726593f6} => Key not found.
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5dd2a826-c42b-11df-bc41-001d726593f6} => Key deleted successfully.
HKCR\CLSID\{5dd2a826-c42b-11df-bc41-001d726593f6} => Key not found.
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6dbb92f1-2f7c-11e1-b4d8-001d726593f6} => Key deleted successfully.
HKCR\CLSID\{6dbb92f1-2f7c-11e1-b4d8-001d726593f6} => Key not found.
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{855eae7b-12c4-11e2-9a36-001d726593f6} => Key deleted successfully.
HKCR\CLSID\{855eae7b-12c4-11e2-9a36-001d726593f6} => Key not found.
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{855eaf65-12c4-11e2-9a36-001d726593f6} => Key deleted successfully.
HKCR\CLSID\{855eaf65-12c4-11e2-9a36-001d726593f6} => Key not found.
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a15dc4ed-2e71-11e1-be64-001d726593f6} => Key deleted successfully.
HKCR\CLSID\{a15dc4ed-2e71-11e1-be64-001d726593f6} => Key not found.
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d0b53275-f595-11e2-bcc5-001d726593f6} => Key deleted successfully.
HKCR\CLSID\{d0b53275-f595-11e2-bcc5-001d726593f6} => Key not found.
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d3a64da1-1d03-11de-b2aa-001d726593f6} => Key deleted successfully.
HKCR\CLSID\{d3a64da1-1d03-11de-b2aa-001d726593f6} => Key not found.
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ee406826-8e8f-11dd-8846-001d726593f6} => Key deleted successfully.
HKCR\CLSID\{ee406826-8e8f-11dd-8846-001d726593f6} => Key not found.
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} => Key deleted successfully.
HKU\S-1-5-21-2839089444-2725325661-240080684-1000\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} => Key deleted successfully.
afucvyr4 => Service deleted successfully.
mbr => Service deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{04699375-5AFB-4BAF-9F2A-09D8C0497F4E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04699375-5AFB-4BAF-9F2A-09D8C0497F4E} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ehDRMInit => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C3AF200-FADC-49E5-880E-DEE192C8B79A} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C3AF200-FADC-49E5-880E-DEE192C8B79A} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{11893D5E-54A0-4C6B-AB0D-D9FA527334A9} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11893D5E-54A0-4C6B-AB0D-D9FA527334A9} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Error Reporting\QueueReporting => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1B4DD3E3-39B7-49E4-8614-9E7E92232E6B} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B4DD3E3-39B7-49E4-8614-9E7E92232E6B} => Key deleted successfully.
C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1C3D4F82-9546-4CB6-8A11-FFFF5ACED01E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C3D4F82-9546-4CB6-8A11-FFFF5ACED01E} => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1CC81347-6204-4B83-900C-01E02F50F067} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1CC81347-6204-4B83-900C-01E02F50F067} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\MobilePC\TMM => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MobilePC\TMM => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2321AC5F-26AE-4545-90CE-A37752D6D361} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2321AC5F-26AE-4545-90CE-A37752D6D361} => Key deleted successfully.
C:\Windows\System32\Tasks\ROC_REG_JAN_DELETE => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ROC_REG_JAN_DELETE => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{320124A7-D70F-41DE-A9D1-D5E8E19D5D91} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{320124A7-D70F-41DE-A9D1-D5E8E19D5D91} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\CrawlStartPages => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3C4703EE-3492-4B04-8E1A-A3F3C0F34BA6} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C4703EE-3492-4B04-8E1A-A3F3C0F34BA6} => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{44980BEE-7809-44A9-AC24-D6E578A3B7DF} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44980BEE-7809-44A9-AC24-D6E578A3B7DF} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\RAC\RACAgent => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RAC\RACAgent => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4CFDC0C7-6870-4678-8DB8-35F77C8031A2} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CFDC0C7-6870-4678-8DB8-35F77C8031A2} => Key deleted successfully.
C:\Windows\System32\Tasks\User_Feed_Synchronization-{261A6D4F-9145-4072-92B6-5F1E570844E9} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\User_Feed_Synchronization-{261A6D4F-9145-4072-92B6-5F1E570844E9} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D7BC85C-5A41-4963-8CDD-6D9D55F757DB} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D7BC85C-5A41-4963-8CDD-6D9D55F757DB} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Bluetooth\UninstallDeviceTask => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{561375CB-FF5A-417B-B297-BA73DE149581} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{561375CB-FF5A-417B-B297-BA73DE149581} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Wired\GatherWiredInfo => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57030356-4699-4E1F-9939-F9D4460CD4DA} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57030356-4699-4E1F-9939-F9D4460CD4DA} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5936C79A-731F-4716-BE59-35B58194ECE5} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5936C79A-731F-4716-BE59-35B58194ECE5} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74741983-CE0F-4014-BC20-7F0334C2A495} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74741983-CE0F-4014-BC20-7F0334C2A495} => Key deleted successfully.
C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{78DABEC8-68B8-4590-81BD-4532D98F07C2} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78DABEC8-68B8-4590-81BD-4532D98F07C2} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{8017A61C-13BD-45FB-811D-B6DB0DCAE6BC} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8017A61C-13BD-45FB-811D-B6DB0DCAE6BC} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\MUI\LPRemove => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MUI\LPRemove => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8531C02A-F529-4346-B16D-319A127D220F} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8531C02A-F529-4346-B16D-319A127D220F} => Key deleted successfully.
C:\Windows\System32\Tasks\CCleanerSkipUAC => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{858BD5FB-61C3-4D83-8392-B9855BE4DF1D} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{858BD5FB-61C3-4D83-8392-B9855BE4DF1D} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\mcupdate => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{89194558-47E7-4A9E-B507-6C91CE4E6504} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89194558-47E7-4A9E-B507-6C91CE4E6504} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{99B9521C-F109-4B7B-BDDF-99CF656525E0} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99B9521C-F109-4B7B-BDDF-99CF656525E0} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Defrag\ScheduledDefrag => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A61555D3-7840-45C1-A5A9-0D49851DE37A} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A61555D3-7840-45C1-A5A9-0D49851DE37A} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A728AE6B-5AB8-4223-AD3E-E6341441A01C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A728AE6B-5AB8-4223-AD3E-E6341441A01C} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\PLA\System\ConvertLogEntries => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B0C3FDC1-6390-43BE-927C-2CCE6A3E7B91} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0C3FDC1-6390-43BE-927C-2CCE6A3E7B91} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF1F143E-1DA6-4839-9637-4C76E90CBD94} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF1F143E-1DA6-4839-9637-4C76E90CBD94} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Tcpip\WSHReset => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C3AFD228-6280-47EC-B81D-5969294364F8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3AFD228-6280-47EC-B81D-5969294364F8} => Key deleted successfully.
C:\Windows\System32\Tasks\Adobe Flash Player Updater => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D4AEE3E4-A742-467F-A264-5BEDF2A9A58E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4AEE3E4-A742-467F-A264-5BEDF2A9A58E} => Key deleted successfully.
C:\Windows\System32\Tasks\{CAE2C2B7-2B79-4BE7-9028-60DBD273137C} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CAE2C2B7-2B79-4BE7-9028-60DBD273137C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Wireless\GatherWirelessInfo => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED31815B-D641-45BC-BBB0-C512D9E6DB34} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED31815B-D641-45BC-BBB0-C512D9E6DB34} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Defrag\ManualDefrag => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F493F569-3741-4BE1-81D2-064CB62A410E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F493F569-3741-4BE1-81D2-064CB62A410E} => Key deleted successfully.
C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F55F85D3-8FDE-479E-82E0-A9BB339AA8E2} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F55F85D3-8FDE-479E-82E0-A9BB339AA8E2} => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UPnP\UPnPHostConfig => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FBBCF8E5-5D94-41C2-851E-73BD6697474E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FBBCF8E5-5D94-41C2-851E-73BD6697474E} => Key deleted successfully.
C:\Windows\System32\Tasks\Apple\AppleSoftwareUpdate => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate => Key deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA.job => Moved successfully.
C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => Moved successfully.
C:\Windows\Tasks\User_Feed_Synchronization-{261A6D4F-9145-4072-92B6-5F1E570844E9}.job => Moved successfully.
C:\ProgramData\TEMP => ":0B4227B4" ADS removed successfully.

==== End of Fixlog ====

# AdwCleaner v3.020 - Report created 03/03/2014 at 19:40:48
# Updated 27/02/2014 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Seward - SEWARD-PC
# Running from : C:\Users\Seward\Downloads\adwcleaner (1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\Software\Description

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.19499


-\\ Google Chrome v

[ File : C:\Users\Seward\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [5035 octets] - [26/12/2013 01:53:00]
AdwCleaner[R1].txt - [925 octets] - [03/03/2014 19:37:36]
AdwCleaner[S0].txt - [5200 octets] - [26/12/2013 01:55:50]
AdwCleaner[S1].txt - [849 octets] - [03/03/2014 19:40:48]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [908 octets] ##########

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12979
 
Posted 3/4/2014 2:56 PM (GMT +3)
Please tell me how things are running now?


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
Do not PM me with logfiles. They will be deleted. 

 


uvideovirus
New Member


Date Joined Mar 2014
Total Posts : 5
 
Posted 3/5/2014 6:22 AM (GMT +3)
Everything seems to be running fine. Nothing strange happening at startup anymore.

Is it okay to uninstall all those programs now?

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12979
 
Posted 3/5/2014 10:49 AM (GMT +3)
That's good news.




Let's clear the tools:


Please download DelFix by "Xplode" to your Desktop.

Run the tool and check the following boxes:
• Remove disinfection tools
• Create registry backup
• Purge System Restore

Now click on the "Run" button. Wait for the programme to complete its work.
All the tools we used should be gone.
The tool will create and open a log report (DelFix.txt).
Note: The report will also be stored at C:\DelFix.txt

