Uvideo virus prompting install of uplayer at startup

Posted 3/2/2014 7:18 AM
#96702

uvideovirus Member

Date Joined Nov 2016
Total Posts: 5
Hi there. I was getting a prompt every time at startup that told me to download this uplayer program and also to run some defaultpage.exe command. Interestingly, after I ran a Malwarebytes scan and restarted my computer, the problem no longer occurred. But just to make sure, I decided to make a post anyway. Here are my logs. Also, for some reason the HijackThis tool just gave me an empty file. Not sure if I did something wrong or what, but if it's absolutely necessary to solve my problem, please suggest something that I could do. Thanks so much in advance.

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.03.02.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19499
Seward :: SEWARD-PC [administrator]

3/1/2014 7:06:58 PM
mbam-log-2014-03-01 (19-06-58).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 419581
Time elapsed: 3 hour(s), 35 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|autoauto (Trojan.Agent.BT) -> Data: c.bat -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 8
C:\a\uplayermediaplayer-setup.exe (PUP.Optional.FullSpectrumAdmin) -> Quarantined and deleted successfully.
C:\Program Files\ICCup\Launcher\iccwc3.icc (PUP.GameTool) -> Quarantined and deleted successfully.
C:\Users\Seward\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000000 (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.
C:\Users\Seward\Downloads\DTLite4454-0315.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Seward\Downloads\Super.CH01.TVBN.rmvb.exe (PUP.Optional.Installex) -> Quarantined and deleted successfully.
C:\Users\Seward\Downloads\HDvideo-v4.exe (PUP.Optional.FullSpectrumAdmin) -> Quarantined and deleted successfully.
C:\Users\Seward\Downloads\starcraft\SETUP.EXE (Hacktool.Crk) -> Quarantined and deleted successfully.
C:\Windows\System32\c.bat (Trojan.Agent.BT) -> Quarantined and deleted successfully.

(end)
Posted 3/3/2014 1:46 AM
#96703

uvideovirus Member

Date Joined Nov 2016
Total Posts: 5
Any moderators available to take a look at this?
Posted 3/3/2014 3:59 AM
#96704

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Hi uvideovirus

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

- Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
- Press Scan button.
- It will produce a log called FRST.txt in the same directory the tool is run from.
- Please copy and paste log back here.
- The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Open notepad and copy/paste the text present inside the code box below.
To do this highlight the contents of the box and right click on it. Paste this into the open notepad.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system.

Save notepad as fixlist.txt
NOTE. It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach it to your reply.

Note: If the tool warned you about the outdated version please download and run the updated version.

Do not PM me with logfiles. They will be deleted.


Posted 3/3/2014 8:14 AM
#96705

uvideovirus Member

Date Joined Nov 2016
Total Posts: 5
Below are FRST.txt and Addition.txt. I'm honestly not sure what you meant to put in fixlist.txt. Can you be a little more specific? Do I copy paste FRST and Addition into fixlist.txt?
<br/>HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) <br/>HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) <br/>HKU\.DEFAULT\...\Run: [VistaBatterySaver] - C:\Program Files\SharpSoft\Vista Battery Saver\VistaBatterySaver.exe <br/>HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter <br/>HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\Run: [Google Update] - C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2010-09-04] (Google Inc.) <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\Run: [Facebook Update] - C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-11] (Facebook Inc.) <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: F - F:\LaunchU3.exe -a <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: J - J:\LaunchU3.exe -a <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {21a3c60a-dba5-11e2-8e2a-001d726593f6} - F:\VZW_Software_upgrade_assistant.exe <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {400a7b8e-4d1f-11e3-b195-001d726593f6} - G:\iLinker.exe <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {59bfd62d-e78c-11e1-ba08-001d726593f6} - "L:\WD SmartWare.exe" autoplay=true <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {59bfd645-e78c-11e1-ba08-001d726593f6} - "N:\WD SmartWare.exe" autoplay=true <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {5dd2a826-c42b-11df-bc41-001d726593f6} - G:\SETUP.EXE <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {6dbb92f1-2f7c-11e1-b4d8-001d726593f6} - "L:\WD SmartWare.exe" 
autoplay=true <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {855eae7b-12c4-11e2-9a36-001d726593f6} - K:\TL_Bootstrap.exe <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {855eaf65-12c4-11e2-9a36-001d726593f6} - K:\TL_Bootstrap.exe <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {a15dc4ed-2e71-11e1-be64-001d726593f6} - K:\TLBootstrap_WPP.exe <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {d0b53275-f595-11e2-bcc5-001d726593f6} - F:\VZW_Software_upgrade_assistant.exe <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {d3a64da1-1d03-11de-b2aa-001d726593f6} - F:\SETUP.EXE <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {ee406826-8e8f-11dd-8846-001d726593f6} - F:\LaunchU3.exe -a <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess? <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION! 
<br/> <br/>==================== Internet (Whitelisted) ==================== <br/> <br/>HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank <br/>HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop <br/>HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch <br/>HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home <br/>HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome <br/>HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch <br/>HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch <br/>SearchScopes: HKLM - DefaultScope value is missing. 
<br/>SearchScopes: HKLM - {BDC84F4A-C50D-4ABC-98DF-9AFAC4E99DC5} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt <br/>SearchScopes: HKLM - {C689ACFE-7C90-430D-A48E-EC886E13220B} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd <br/>SearchScopes: HKCU - DefaultScope {BDC84F4A-C50D-4ABC-98DF-9AFAC4E99DC5} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=888596&p={searchTerms} <br/>SearchScopes: HKCU - {0188a726-3ac6-4096-85c4-27ed8b6a048a} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&query={searchTerms}&invocationType=bu10aiminstabie7 <br/>SearchScopes: HKCU - {BDC84F4A-C50D-4ABC-98DF-9AFAC4E99DC5} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=888596&p={searchTerms} <br/>SearchScopes: HKCU - {C689ACFE-7C90-430D-A48E-EC886E13220B} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd <br/>BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) <br/>BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) <br/>BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) <br/>BHO: HP Print Clips - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.) 
<br/>Toolbar: HKLM - No Name - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File <br/>DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinner.com/games/shared/wwlaunch.cab <br/>DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab <br/>DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab <br/>DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab <br/>DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab <br/>DPF: {E70E3E64-2793-4AEF-8CC8-F1606BE563B0} http://www.worldwinner.com/games/v53/wwspades/wwspades.cab <br/>Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.) <br/>Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) <br/>Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) <br/>Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) <br/>Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) 
<br/>Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 <br/> <br/>Chrome: <br/>======= <br/>CHR HomePage: <br/>CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Seward\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll () <br/>CHR Plugin: (Shockwave Flash) - C:\Users\Seward\AppData\Local\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll () <br/>CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer <br/>CHR Plugin: (Native Client) - C:\Users\Seward\AppData\Local\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll () <br/>CHR Plugin: (Chrome PDF Viewer) - C:\Users\Seward\AppData\Local\Google\Chrome\Application\33.0.1750.117\pdf.dll () <br/>CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation) <br/>CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc) <br/>CHR Plugin: (ActiveTouch General Plugin Container) - C:\Users\Seward\AppData\Roaming\Mozilla\plugins\npatgpc.dll (Cisco WebEx LLC) <br/>CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) <br/>CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) <br/>CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) <br/>CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) <br/>CHR Plugin: (Java(TM) Platform SE 7 U51) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) <br/>CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) 
<br/>CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) <br/>CHR Plugin: (Citrix Online Web Deployment Plugin 1.0.0.104) - C:\Users\Seward\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online) <br/>CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Seward\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) <br/>CHR Plugin: (Google Update) - C:\Users\Seward\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File <br/>CHR Plugin: (Google Talk Plugin) - C:\Users\Seward\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) <br/>CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Seward\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () <br/>CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Seward\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) <br/>CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) <br/>CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) <br/>CHR Extension: (Angry Birds) - C:\Users\Seward\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2011-05-11] <br/>CHR Extension: (Adblock Plus) - C:\Users\Seward\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-08-05] <br/>CHR Extension: (Photo Zoom for Facebook) - C:\Users\Seward\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2013-08-26] <br/>CHR Extension: (AdBlock) - C:\Users\Seward\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-08-05] <br/>CHR Extension: (InstaTwit) - C:\Users\Seward\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhalcamddihdpdgdjkjbgikgobnbbpif [2013-11-23] <br/>CHR Extension: 
(The Great Suspender) - C:\Users\Seward\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2013-09-21] <br/>CHR Extension: (Skype Click to Call) - C:\Users\Seward\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-01] <br/>CHR Extension: (Reload All Tabs) - C:\Users\Seward\AppData\Local\Google\Chrome\User Data\Default\Extensions\midkcinmplflbiflboepnahkboeonkam [2013-09-21] <br/>CHR Extension: (Google Wallet) - C:\Users\Seward\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01] <br/>CHR Extension: (My Chrome Theme) - C:\Users\Seward\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2013-09-22] <br/>CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09] <br/> <br/>========================== Services (Whitelisted) ================= <br/> <br/>R2 aawservice; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [611664 2008-08-22] (Lavasoft) <br/>R2 AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [7391072 2012-01-31] (AVG Technologies CZ, s.r.o.) <br/>R2 avgwd; C:\Program Files\AVG\AVG10\avgwdsvc.exe [269520 2011-02-08] (AVG Technologies CZ, s.r.o.) <br/>S3 Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [110592 2007-03-05] (Hewlett-Packard Development Company, L.P.) 
<br/>R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [65536 2007-09-19] (Hewlett-Packard) <br/>R2 MsDtsServer100; C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [214880 2011-04-24] (Microsoft Corporation) <br/>R3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [28512 2010-04-03] (Microsoft Corporation) <br/>R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [42872672 2011-04-24] (Microsoft Corporation) <br/>R2 MSSQLServerOLAPService; C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\msmdsrv.exe [25768800 2010-04-03] (Microsoft Corporation) <br/>S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe [3201024 2008-07-29] (Microsoft Corporation) <br/>S3 npggsvc; C:\Windows\system32\GameMon.des [2794234 2009-02-17] (INCA Internet Co., Ltd.) <br/>R2 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [1177952 2011-04-24] (Microsoft Corporation) <br/>R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.) <br/>R2 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [367456 2011-04-24] (Microsoft Corporation) <br/>S3 usprserv; C:\Windows\System32\svchost.exe [21504 2008-01-20] (Microsoft Corporation) <br/>S2 QPCapSvc; "C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe" [X] <br/>S2 QPSched; "C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe" [X] <br/> <br/>==================== Drivers (Whitelisted) ==================== <br/> <br/>R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys [134480 2011-05-27] (AVG Technologies CZ, s.r.o. 
) <br/>R0 AVGIDSEH; C:\Windows\System32\DRIVERS\AVGIDSEH.Sys [22992 2011-02-22] (AVG Technologies CZ, s.r.o. ) <br/>R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys [24144 2011-02-10] (AVG Technologies CZ, s.r.o. ) <br/>R3 AVGIDSShim; C:\Windows\System32\DRIVERS\AVGIDSShim.Sys [28624 2011-02-10] (AVG Technologies CZ, s.r.o. ) <br/>R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [255968 2012-11-12] (AVG Technologies CZ, s.r.o.) <br/>R1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [34896 2011-03-01] (AVG Technologies CZ, s.r.o.) <br/>R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [32592 2011-03-16] (AVG Technologies CZ, s.r.o.) <br/>R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [297168 2011-04-04] (AVG Technologies CZ, s.r.o.) <br/>S3 HdAudAddService; C:\Windows\System32\drivers\CHDART.sys [183352 2007-10-01] (Conexant Systems Inc.) <br/>R3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-11] (Hewlett-Packard Development Company, L.P.) <br/>S3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28816 2008-09-26] (Logitech, Inc.) <br/>S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation) <br/>S4 RsFx0150; C:\Windows\System32\DRIVERS\RsFx0150.sys [240608 2010-04-03] (Microsoft Corporation) <br/>R0 sptd; C:\Windows\System32\Drivers\sptd.sys [477240 2012-07-10] (Duplex Secure Ltd.) 
<br/>R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [194362 2009-04-08] (Jungo) <br/>S3 apf001; \??\C:\Users\Seward\Desktop\SoftnyxGame\GunboundIS\apf001.sys [X] <br/>U1 eabfiltr; <br/>S3 IpInIp; system32\DRIVERS\ipinip.sys [X] <br/>S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] <br/>S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] <br/>S3 SymIMMP; system32\DRIVERS\SymIM.sys [X] <br/>S3 USBAAPL; System32\Drivers\usbaapl.sys [X] <br/>U3 afucvyr4; No ImagePath <br/>U3 mbr; \??\C:\Users\Seward\AppData\Local\Temp\mbr.sys [X] <br/> <br/>==================== NetSvcs (Whitelisted) =================== <br/> <br/> <br/>==================== One Month Created Files and Folders ======== <br/> <br/>2014-03-03 00:08 - 2014-03-03 00:08 - 00022766 _____ () C:\Users\Seward\Downloads\FRST.txt <br/>2014-03-03 00:08 - 2014-03-03 00:08 - 00000000 ____D () C:\FRST <br/>2014-03-03 00:07 - 2014-03-03 00:07 - 01145344 _____ (Farbar) C:\Users\Seward\Downloads\FRST.exe <br/>2014-03-02 10:46 - 2014-03-02 11:27 - 00001590 _____ () C:\Windows\setupact.log <br/>2014-03-02 10:46 - 2014-03-02 10:46 - 00000000 _____ () C:\Windows\setuperr.log <br/>2014-03-01 23:32 - 2014-03-01 23:32 - 00000123 _____ () C:\Users\Seward\Desktop\programs new pc.txt <br/>2014-03-01 23:09 - 2014-03-01 23:09 - 00001950 _____ () C:\Users\Seward\Desktop\HiJackThis.lnk <br/>2014-03-01 23:09 - 2014-03-01 23:09 - 00000000 ____D () C:\Users\Seward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis <br/>2014-03-01 23:09 - 2014-03-01 23:09 - 00000000 ____D () C:\Program Files\Trend Micro <br/>2014-03-01 23:08 - 2014-03-01 23:08 - 01402880 _____ () C:\Users\Seward\Downloads\HijackThis.msi <br/>2014-03-01 23:05 - 2014-03-01 23:05 - 00007765 _____ () C:\Users\Seward\Desktop\attach.txt <br/>2014-03-01 23:05 - 2014-03-01 23:04 - 00014397 _____ () C:\Users\Seward\Desktop\dds.txt <br/>2014-03-01 23:02 - 2014-03-01 23:02 - 00921000 _____ (Oracle Corporation) C:\Users\Seward\Downloads\chromeinstall-7u51.exe 
<br/>2014-03-01 23:01 - 2014-03-01 23:01 - 00688992 ____R (Swearware) C:\Users\Seward\Downloads\dds.scr <br/>2014-03-01 22:53 - 2014-03-01 22:53 - 00001966 _____ () C:\Windows\PFRO.log <br/>2014-03-01 19:06 - 2014-03-01 19:06 - 00000000 ____D () C:\Users\Seward\AppData\Roaming\Malwarebytes <br/>2014-03-01 19:05 - 2014-03-01 23:00 - 00000000 ____D () C:\ProgramData\Malwarebytes <br/>2014-03-01 19:05 - 2014-03-01 19:05 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Seward\Downloads\mbam-setup-1.75.0.1300.exe <br/>2014-03-01 19:05 - 2014-03-01 19:05 - 00000906 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk <br/>2014-03-01 19:05 - 2014-03-01 19:05 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware <br/>2014-03-01 19:05 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys <br/>2014-02-27 20:53 - 2014-02-27 20:53 - 00111360 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT <br/>2014-02-27 20:13 - 2014-03-02 22:13 - 00000000 ____D () C:\Users\Seward\Documents\TurboTax <br/>2014-02-27 20:13 - 2014-02-27 20:52 - 00000286 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc <br/>2014-02-27 20:12 - 2014-02-27 20:12 - 00000000 ____D () C:\Users\Seward\AppData\Roaming\Intuit <br/>2014-02-27 20:10 - 2014-02-27 20:10 - 00001882 _____ () C:\Users\Public\Desktop\TurboTax 2013.lnk <br/>2014-02-27 20:09 - 2014-02-27 20:09 - 00000000 ____D () C:\Program Files\Common Files\Intuit <br/>2014-02-27 20:08 - 2014-02-27 20:08 - 00000000 ____D () C:\Program Files\TurboTax <br/>2014-02-27 20:07 - 2014-02-27 20:09 - 00000000 ____D () C:\ProgramData\Intuit <br/>2014-02-12 22:54 - 2014-02-12 22:54 - 04721920 _____ (Piriform Ltd) C:\Users\Seward\Downloads\ccsetup410.exe <br/>2014-02-12 19:37 - 2014-02-02 12:10 - 11111424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll <br/>2014-02-12 19:37 - 2014-02-02 12:10 - 06019584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll <br/>2014-02-12 
19:37 - 2014-02-02 12:10 - 02005504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll <br/>2014-02-12 19:37 - 2014-02-02 12:10 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl <br/>2014-02-12 19:37 - 2014-02-02 12:10 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll <br/>2014-02-12 19:37 - 2014-02-02 12:10 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll <br/>2014-02-12 19:37 - 2014-02-02 12:10 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll <br/>2014-02-12 19:37 - 2014-02-02 12:10 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll <br/>2014-02-12 19:37 - 2014-02-02 12:10 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll <br/>2014-02-12 19:37 - 2014-02-02 12:10 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll <br/>2014-02-12 19:37 - 2014-02-02 12:10 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll <br/>2014-02-12 19:37 - 2014-02-02 12:10 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll <br/>2014-02-12 19:37 - 2014-02-02 12:10 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll <br/>2014-02-12 19:37 - 2014-02-02 12:10 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll <br/>2014-02-12 19:37 - 2014-02-02 12:10 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll <br/>2014-02-12 19:37 - 2014-02-02 12:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll <br/>2014-02-12 19:37 - 2014-02-02 12:10 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll <br/>2014-02-12 19:37 - 2014-02-02 12:10 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll <br/>2014-02-12 19:37 - 2014-02-02 12:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll <br/>2014-02-12 19:37 - 2014-02-02 12:10 - 00025600 _____ (Microsoft 
Corporation) C:\Windows\system32\jsproxy.dll <br/>2014-02-12 19:37 - 2014-02-02 12:10 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll <br/>2014-02-12 19:37 - 2014-02-01 14:54 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec <br/>2014-02-12 19:37 - 2014-02-01 14:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe <br/>2014-02-12 19:37 - 2014-02-01 14:47 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe <br/>2014-02-12 19:37 - 2014-02-01 14:46 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb <br/>2014-02-12 19:37 - 2014-02-01 14:46 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe <br/>2014-02-12 19:37 - 2013-12-22 07:42 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll <br/>2014-02-12 19:37 - 2013-12-04 18:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll <br/>2014-02-09 12:00 - 2014-03-01 22:50 - 00000000 ____D () C:\a <br/> <br/>==================== One Month Modified Files and Folders ======= <br/> <br/>2014-03-03 00:08 - 2014-03-03 00:08 - 00022766 _____ () C:\Users\Seward\Downloads\FRST.txt <br/>2014-03-03 00:08 - 2014-03-03 00:08 - 00000000 ____D () C:\FRST <br/>2014-03-03 00:07 - 2014-03-03 00:07 - 01145344 _____ (Farbar) C:\Users\Seward\Downloads\FRST.exe <br/>2014-03-03 00:05 - 2006-11-02 04:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 <br/>2014-03-03 00:05 - 2006-11-02 04:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 <br/>2014-03-02 23:33 - 2012-03-29 05:22 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job <br/>2014-03-02 23:13 - 2010-09-04 12:33 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA.job <br/>2014-03-02 23:11 - 2010-08-31 22:39 - 
01097903 _____ () C:\Windows\WindowsUpdate.log <br/>2014-03-02 23:02 - 2013-07-03 16:51 - 00000000 ____D () C:\Users\Seward\Downloads\starcraft <br/>2014-03-02 22:13 - 2014-02-27 20:13 - 00000000 ____D () C:\Users\Seward\Documents\TurboTax <br/>2014-03-02 22:12 - 2011-08-23 21:02 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA.job <br/>2014-03-02 20:17 - 2010-10-17 21:33 - 00000000 ____D () C:\Windows\system32\Drivers\AVG <br/>2014-03-02 20:13 - 2010-09-04 12:33 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core.job <br/>2014-03-02 16:12 - 2011-08-23 21:02 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core.job <br/>2014-03-02 11:55 - 2006-11-02 02:33 - 00918670 _____ () C:\Windows\system32\PerfStringBackup.INI <br/>2014-03-02 11:27 - 2014-03-02 10:46 - 00001590 _____ () C:\Windows\setupact.log <br/>2014-03-02 10:46 - 2014-03-02 10:46 - 00000000 _____ () C:\Windows\setuperr.log <br/>2014-03-01 23:32 - 2014-03-01 23:32 - 00000123 _____ () C:\Users\Seward\Desktop\programs new pc.txt <br/>2014-03-01 23:09 - 2014-03-01 23:09 - 00001950 _____ () C:\Users\Seward\Desktop\HiJackThis.lnk <br/>2014-03-01 23:09 - 2014-03-01 23:09 - 00000000 ____D () C:\Users\Seward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis <br/>2014-03-01 23:09 - 2014-03-01 23:09 - 00000000 ____D () C:\Program Files\Trend Micro <br/>2014-03-01 23:08 - 2014-03-01 23:08 - 01402880 _____ () C:\Users\Seward\Downloads\HijackThis.msi <br/>2014-03-01 23:05 - 2014-03-01 23:05 - 00007765 _____ () C:\Users\Seward\Desktop\attach.txt <br/>2014-03-01 23:04 - 2014-03-01 23:05 - 00014397 _____ () C:\Users\Seward\Desktop\dds.txt <br/>2014-03-01 23:02 - 2014-03-01 23:02 - 00921000 _____ (Oracle Corporation) C:\Users\Seward\Downloads\chromeinstall-7u51.exe <br/>2014-03-01 23:01 - 2014-03-01 23:01 - 00688992 ____R (Swearware) 
C:\Users\Seward\Downloads\dds.scr
2014-03-01 23:00 - 2014-03-01 19:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-01 22:54 - 2006-11-02 05:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-01 22:53 - 2014-03-01 22:53 - 00001966 _____ () C:\Windows\PFRO.log
2014-03-01 22:53 - 2009-04-29 22:10 - 00000000 ____D () C:\Windows\Sun
2014-03-01 22:52 - 2006-11-02 05:01 - 00032584 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-01 22:50 - 2014-02-09 12:00 - 00000000 ____D () C:\a
2014-03-01 19:06 - 2014-03-01 19:06 - 00000000 ____D () C:\Users\Seward\AppData\Roaming\Malwarebytes
2014-03-01 19:05 - 2014-03-01 19:05 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Seward\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-01 19:05 - 2014-03-01 19:05 - 00000906 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-01 19:05 - 2014-03-01 19:05 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-01 19:03 - 2008-09-06 21:24 - 00000000 ____D () C:\Windows\Minidump
2014-03-01 18:41 - 2006-11-02 04:47 - 00404616 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-27 23:54 - 2006-11-02 03:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-27 20:53 - 2014-02-27 20:53 - 00111360 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-02-27 20:52 - 2014-02-27 20:13 - 00000286 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2014-02-27 20:12 - 2014-02-27 20:12 - 00000000 ____D () C:\Users\Seward\AppData\Roaming\Intuit
2014-02-27 20:10 - 2014-02-27 20:10 - 00001882 _____ () C:\Users\Public\Desktop\TurboTax 2013.lnk
2014-02-27 20:09 - 2014-02-27 20:09 - 00000000 ____D () C:\Program Files\Common Files\Intuit
2014-02-27 20:09 - 2014-02-27 20:07 - 00000000 ____D () C:\ProgramData\Intuit
2014-02-27 20:08 - 2014-02-27 20:08 - 00000000 ____D () C:\Program Files\TurboTax
2014-02-21 19:32 - 2012-03-29 05:22 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-21 19:32 - 2011-06-12 04:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-12 22:59 - 2014-01-17 13:23 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-12 22:59 - 2008-08-22 12:50 - 00000000 ____D () C:\Users\Seward\AppData\Roaming\Mozilla
2014-02-12 22:58 - 2014-01-08 08:40 - 00000000 ____D () C:\Users\Seward\AppData\Local\Citrix
2014-02-12 22:56 - 2008-10-15 08:43 - 00000000 ____D () C:\Users\Seward\AppData\Roaming\Media Player Classic
2014-02-12 22:54 - 2014-02-12 22:54 - 04721920 _____ (Piriform Ltd) C:\Users\Seward\Downloads\ccsetup410.exe
2014-02-12 22:54 - 2008-09-08 22:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-12 22:47 - 2010-10-17 21:33 - 00000000 ____D () C:\ProgramData\AVG10
2014-02-12 20:38 - 2013-08-06 02:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-12 20:27 - 2006-11-02 02:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-02-09 11:59 - 2008-10-10 08:46 - 00000000 ____D () C:\Users\Seward\AppData\Roaming\Apple Computer
2014-02-06 20:48 - 2010-10-08 10:21 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-02-02 12:10 - 2014-02-12 19:37 - 11111424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 06019584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 02005504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-02 12:10 - 2014-02-12 19:37 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-02 12:10 - 2014-02-12 19:37 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2014-02-01 14:54 - 2014-02-12 19:37 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-02-01 14:47 - 2014-02-12 19:37 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-01 14:47 - 2014-02-12 19:37 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-01 14:46 - 2014-02-12 19:37 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-01 14:46 - 2014-02-12 19:37 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-02 23:12

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-03-2014
Ran by Seward at 2014-03-03 00:09:18
Running from C:\Users\Seward\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG Anti-Virus Free Edition 2011 (Enabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: AVG Anti-Virus Free Edition 2011 (Enabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Acrobat.com (HKLM\...\{27F00C63-449B-2FAB-CBE8-24AB80E17449}) (Version: 1.7.258 - Adobe Systems Incorporated)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Ad-Aware (HKLM\...\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}) (Version: 7.1.0.7 - Lavasoft)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}) (Version: 10.2.0.023 - Adobe Systems, Inc.)
AIM 7 (HKLM\...\AIM_7) (Version: - )
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
AVG 2011 (HKLM\...\AVG) (Version: 10.0.1432 - AVG Technologies)
AVG 2011 (Version: 10.0.1432 - AVG Technologies) Hidden
AVG 2011 (Version: 10.0.3705 - AVG Technologies) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Cards_Calendar_OrderGift_DoMorePlugout (Version: 1.00.0000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Cisco WebEx Meetings (HKCU\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Citrix Online Launcher (HKLM\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.36.7.60 - Conexant)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.2519 - CyberLink Corp.)
CyberLink YouCam (Version: 2.0.2519 - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version: - Microsoft)
DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.0928 - CyberLink Corp.)
Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Fotobounce (HKLM\...\{1A89C6BC-8B49-4B54-9BB2-613F7825C50E}) (Version: 2.0.0 - Applied Recognition)
GDR 1617 for SQL Server 2008 R2 (KB2494088) (HKLM\...\KB2494088) (Version: 10.50.1617.0 - Microsoft Corporation)
Google Chrome (HKCU\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Talk Plugin (HKLM\...\{CCE68200-4ED0-3E0A-A7F2-504897E356AB}) (Version: 5.1.5.17733 - Google)
Hauppauge MCE XP/Vista Software Encoder (2.0.25149) (HKLM\...\Hauppauge MCE2005 Software Encoder) (Version: 2.0.25149 - Hauppauge Computer Works, Inc.)
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_HERMOSA_HSF) (Version: - )
Hewlett-Packard Active Check (Version: 1.1.11.0 - Hewlett-Packard) Hidden
Hewlett-Packard Asset Agent for Health Check (Version: 2.0.62.5 - HP) Hidden
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HP Active Support Library (HKLM\...\{11BB336F-0E58-4977-B866-F24FA334616B}) (Version: 2.3.0.2 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{BD0E2B92-3814-46F0-893B-4612EA010C7E}) (Version: 5.4.0.2430 - Hewlett-Packard)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.02.0001 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM\...\{9885A11E-60E4-417C-B58B-8B31B21C0B8A}) (Version: 5.4.0.2430 - Hewlett-Packard)
HP Help and Support (HKLM\...\{31216452-5540-4C96-B754-94890A63D5AB}) (Version: 2.0.10.0 - Hewlett-Packard)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Photosmart Essential 2.5 (Version: 1.02.0000 - Hewlett-Packard) Hidden
HP Quick Launch Buttons 6.30 E1 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.30 E1 - Hewlett-Packard)
HP QuickPlay 3.6 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: - )
HP QuickTouch 1.00 C4 (HKLM\...\{7DC4A410-9986-4329-9E5D-687B2C42CA39}) (Version: 1.0.7 - Hewlett-Packard)
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 3.0.17.0 - Hewlett-Packard)
HP Smart Web Printing (Version: 3.0.17.0 - Hewlett-Packard) Hidden
HP Total Care Advisor (HKLM\...\{b02df929-29a7-4fd2-9a70-81a644b635f7}) (Version: 1.4.19.2433 - Hewlett-Packard)
HP Update (HKLM\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HP User Guides 0090 (HKLM\...\{B53620C0-3A83-4F50-A7AB-175DB64C1CE3}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}) (Version: 3.00 H2 - Hewlett-Packard)
HPNetworkAssistant (HKLM\...\{228C6B46-64E2-404E-898A-EF0830603EF4}) (Version: 1.1.70 - Hewlett-Packard.)
HPPhotoSmartDiscLabel_PaperLabel (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_Tattoo (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (Version: 2.02.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookHolidayPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookModernPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookPlayfulPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookScrapbookPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookWebPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
ICCup Launcher (HKLM\...\ICCup Launcher_is1) (Version: 1.6 - ICCup)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 2 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160020}) (Version: 1.6.0.20 - Sun Microsystems, Inc.)
Java(TM) 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.290 - Sun Microsystems, Inc.)
Java(TM) SE Development Kit 7 Update 1 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170010}) (Version: 1.7.0.10 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.20.2128 - CyberLink Corp.)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 10.22.4.3 - Marvell)
Media Player Codec Pack 4.2.7 (HKLM\...\Media Player - Codec Pack) (Version: 4.2.7 - Media Player Codec Pack)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (HKLM\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Report Viewer Redistributable 2008 (KB971119) (Version: 9.0.30731 - Microsoft Corporation) Hidden
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version: - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (Version: - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Books Online (HKLM\...\{74F7B314-0507-4F91-9A4E-B6C9B027E410}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{046755CA-F677-4B7F-AF9A-6AB295A02A30}) (Version: 10.50.1617.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Policies (HKLM\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{76866BE3-B2C7-40BB-B267-927792AED0C3}) (Version: 10.50.1617.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{47BE41E6-2F0F-4D17-9C2D-3850FFD9D405}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 (x86) (HKLM\...\{A8BD5A60-E843-46DC-8271-ABF20756BE0F}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 (x86) (HKLM\...\{C89B00A2-B72A-4935-96FC-38796E9554EC}) (Version: 2.0.1215.0 - Microsoft Corporation)
Microsoft VC9 runtime libraries (Version: 1.0.0 - AOL LLC) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual Studio 2008 Shell (integrated mode) - ENU (HKLM\...\{BA0C9AAF-1327-3F06-B49C-349B4BE8F740}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee autoProducer 6.1 (HKLM\...\{250E9609-E830-43EB-B379-DAB7546A2422}) (Version: 6.10.050 - muvee Technologies)
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: HPCMPQ1902 - WildTangent)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.46 - BVRP Software, Inc)
Notepad++ (HKLM\...\Notepad++) (Version: 5.9.6.2 - )
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
Real Alternative 2.0.2 (HKLM\...\RealAlt_is1) (Version: 2.0.2 - )
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.52.02 - )
Ruby 1.9.3-p448 (HKCU\...\{17E73B15-62D2-43FD-B851-ACF86A8C9D25}_is1) (Version: 1.9.3-p448 - RubyInstaller Team)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.22.0 - SAMSUNG Electronics Co., Ltd.)
Secure Download Manager (HKLM\...\{6CEF2BC6-8929-44EE-8360-175513E1A49A}) (Version: 3.0.5 - e-academy Inc.)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.9 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.9.106 - Skype Technologies S.A.)
SQL Server 2008 R2 Analysis Services (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 BI Development Studio (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Client Tools (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Common Files (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Services (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Shared (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Full text search (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Integration Services (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Management Studio (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Reporting Services (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SSH Secure Shell (HKLM\...\{74E2CD0C-D4A2-11D3-95A6-0000E86CFDE5}) (Version: - )
Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - )
TurboTax 2013 (HKLM\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2013 wcaiper (Version: 013.000.1149 - Intuit Inc.) Hidden
TurboTax 2013 WinPerFedFormset (Version: 013.000.1790 - Intuit Inc.) Hidden
TurboTax 2013 WinPerReleaseEngine (Version: 013.000.0463 - Intuit Inc.) Hidden
TurboTax 2013 WinPerTaxSupport (Version: 013.000.0162 - Intuit Inc.) Hidden
TurboTax 2013 wrapper (Version: 013.000.0135 - Intuit Inc.) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
VLC media player 1.1.3 (HKLM\...\VLC media player) (Version: 1.1.3 - VideoLAN)
WeatherBug Gadget (Version: 1.0.0.6 - AWS Convergence Technologies) Hidden
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

==================== Restore Points =========================

05-02-2014 18:28:47 Scheduled Checkpoint
10-02-2014 18:03:27 Scheduled Checkpoint
12-02-2014 04:50:26 Scheduled Checkpoint
13-02-2014 04:04:07 Scheduled Checkpoint
13-02-2014 04:16:37 Windows Update
16-02-2014 05:09:44 Scheduled Checkpoint
18-02-2014 18:12:54 Scheduled Checkpoint
19-02-2014 18:04:01 Scheduled Checkpoint
23-02-2014 22:02:53 Scheduled Checkpoint
25-02-2014 04:08:11 Scheduled Checkpoint
26-02-2014 11:00:36 Windows Update
27-02-2014 04:47:34 Windows Update
28-02-2014 04:09:04 Installed TurboTax 2013 wrapper
28-02-2014 04:58:14 Installed TurboTax 2013 wcaiper
02-03-2014 07:08:56 Installed HiJackThis
03-03-2014 03:20:15 Scheduled Checkpoint

==================== Hosts content: ==========================

2006-11-02 02:23 - 2006-09-18 13:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {04699375-5AFB-4BAF-9F2A-09D8C0497F4E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {0C3AF200-FADC-49E5-880E-DEE192C8B79A} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {11893D5E-54A0-4C6B-AB0D-D9FA527334A9} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {1B4DD3E3-39B7-49E4-8614-9E7E92232E6B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc <==== ATTENTION
Task: {1C3D4F82-9546-4CB6-8A11-FFFF5ACED01E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA => C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-04] (Google Inc.) <==== ATTENTION
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {2321AC5F-26AE-4545-90CE-A37752D6D361} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] () <==== ATTENTION
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3C4703EE-3492-4B04-8E1A-A3F3C0F34BA6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core => C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-04] (Google Inc.) <==== ATTENTION
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {4CFDC0C7-6870-4678-8DB8-35F77C8031A2} - System32\Tasks\User_Feed_Synchronization-{261A6D4F-9145-4072-92B6-5F1E570844E9} => C:\Windows\system32\msfeedssync.exe [2014-02-01] (Microsoft Corporation) <==== ATTENTION
Task: {4D7BC85C-5A41-4963-8CDD-6D9D55F757DB} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\BthUdTask.exe [2009-04-10] (Microsoft Corporation) <==== ATTENTION
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs [2008-01-20] () <==== ATTENTION
Task: {57030356-4699-4E1F-9939-F9D4460CD4DA} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {5936C79A-731F-4716-BE59-35B58194ECE5} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {74741983-CE0F-4014-BC20-7F0334C2A495} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA => C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.) <==== ATTENTION
Task: {78DABEC8-68B8-4590-81BD-4532D98F07C2} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\Windows\system32\DFDWiz.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {8017A61C-13BD-45FB-811D-B6DB0DCAE6BC} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\Windows\system32\lpremove.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {8531C02A-F529-4346-B16D-319A127D220F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd) <==== ATTENTION
Task: {858BD5FB-61C3-4D83-8392-B9855BE4DF1D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe [2009-04-10] (Microsoft Corporation) <==== ATTENTION
Task: {89194558-47E7-4A9E-B507-6C91CE4E6504} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\Windows\System32\wsqmcons.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {99B9521C-F109-4B7B-BDDF-99CF656525E0} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\Windows\system32\defrag.exe [2008-01-20] (Microsoft Corp.) <==== ATTENTION
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries <==== ATTENTION
Task: {B0C3FDC1-6390-43BE-927C-2CCE6A3E7B91} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {BF1F143E-1DA6-4839-9637-4C76E90CBD94} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION
Task: {C3AFD228-6280-47EC-B81D-5969294364F8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated) <==== ATTENTION
Task: {D4AEE3E4-A742-467F-A264-5BEDF2A9A58E} - System32\Tasks\{CAE2C2B7-2B79-4BE7-9028-60DBD273137C} => C:\Windows\system32\pcalua.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] () <==== ATTENTION
Task: {ED31815B-D641-45BC-BBB0-C512D9E6DB34} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-20] (Microsoft Corp.) <==== ATTENTION
Task: {F493F569-3741-4BE1-81D2-064CB62A410E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core => C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.) <==== ATTENTION
Task: {F55F85D3-8FDE-479E-82E0-A9BB339AA8E2} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => Sc.exe config upnphost start= auto <==== ATTENTION
Task: {FBBCF8E5-5D94-41C2-851E-73BD6697474E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core.job => C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA.job => C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core.job => C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA.job => C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{261A6D4F-9145-4072-92B6-5F1E570844E9}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-09-24 19:19 - 2011-05-28 21:04 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
2013-04-18 14:42 - 2013-04-18 14:42 - 00048248 _____ () C:\Windows\System32\C2MP\UpdateChecker.exe
2007-05-16 10:43 - 2007-05-16 10:43 - 00677432 ____R () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
2011-02-10 06:55 - 2011-02-10 06:55 - 01148256 _____ () C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
2014-02-21 19:39 - 2014-02-19 17:02 - 00051016 _____ () C:\Users\Seward\AppData\Local\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
2014-02-21 19:39 - 2014-02-19 17:03 - 04060488 _____ () C:\Users\Seward\AppData\Local\Google\Chrome\Application\33.0.1750.117\pdf.dll
2014-02-21 19:39 - 2014-02-19 17:03 - 00394568 _____ () C:\Users\Seward\AppData\Local\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
2014-02-21 19:39 - 2014-02-19 17:02 - 01647432 _____ () C:\Users\Seward\AppData\Local\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll
2013-11-30 21:57 - 2013-11-30 21:57 - 04591616 _____ () C:\Users\Seward\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libglesv2.dll
2013-11-30 21:57 - 2013-11-30 21:57 - 00112128 _____ () C:\Users\Seward\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libegl.dll
2013-10-20 13:06 - 2013-07-06 15:53 - 00083968 _____ () C:\Ruby193\bin\ZLIB1.dll
2013-07-03 17:01 - 2013-03-06 19:08 - 00114688 _____ () C:\Program Files\ICCup\Launcher\RepAnalyser.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aawservice => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: WSearch => 2
MSCONFIG\startupfolder: C:^Users^Seward^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TokBox.lnk => C:\Windows\pss\TokBox.lnk.Startup
MSCONFIG\startupreg: WinampAgent => "C:\Program Files\Winamp\winampa.exe"

==================== Faulty Device Manager Devices =============

Name: Microsoft 6to4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: AZLTDURB IDE Controller
Description: AZLTDURB IDE Controller
Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard mass storage controllers)
Service: afucvyr4
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
<br/> <br/> <br/>==================== Event log errors: ========================= <br/> <br/>Application errors: <br/>================== <br/>Error: (03/02/2014 05:37:55 PM) (Source: Bonjour Service) (User: ) <br/>Description: Task Scheduling Error: m->NextScheduledSPRetry 188512 <br/> <br/>Error: (03/02/2014 05:37:55 PM) (Source: Bonjour Service) (User: ) <br/>Description: Task Scheduling Error: m->NextScheduledEvent 188512 <br/> <br/>Error: (03/02/2014 05:37:55 PM) (Source: Bonjour Service) (User: ) <br/>Description: Task Scheduling Error: Continuously busy for more than a second <br/> <br/>Error: (03/02/2014 05:37:53 PM) (Source: Bonjour Service) (User: ) <br/>Description: Task Scheduling Error: m->NextScheduledSPRetry 187514 <br/> <br/>Error: (03/02/2014 05:37:53 PM) (Source: Bonjour Service) (User: ) <br/>Description: Task Scheduling Error: m->NextScheduledEvent 187514 <br/> <br/>Error: (03/02/2014 05:37:53 PM) (Source: Bonjour Service) (User: ) <br/>Description: Task Scheduling Error: Continuously busy for more than a second <br/> <br/>Error: (03/02/2014 05:37:52 PM) (Source: Bonjour Service) (User: ) <br/>Description: Task Scheduling Error: m->NextScheduledSPRetry 186515 <br/> <br/>Error: (03/02/2014 05:37:52 PM) (Source: Bonjour Service) (User: ) <br/>Description: Task Scheduling Error: m->NextScheduledEvent 186515 <br/> <br/>Error: (03/02/2014 05:37:52 PM) (Source: Bonjour Service) (User: ) <br/>Description: Task Scheduling Error: Continuously busy for more than a second <br/> <br/>Error: (03/02/2014 05:37:51 PM) (Source: Bonjour Service) (User: ) <br/>Description: Task Scheduling Error: m->NextScheduledSPRetry 185501 <br/> <br/> <br/>System errors: <br/>============= <br/>Error: (03/02/2014 11:18:34 PM) (Source: bowser) (User: ) <br/>Description: The master browser has received a server announcement from the computer YUAN-PC <br/>that believes that it is the master browser for the domain on transport NetBT_Tcpip_{42F48A52-723F-400C-ADC5-27B3FACC4B. 
<br/>The master browser is stopping or an election is being forced. <br/> <br/>Error: (03/02/2014 11:11:32 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY) <br/>Description: 0x8000002a46\SystemRoot\System32\Config\RegBack\COMPONENTS <br/> <br/>Error: (03/02/2014 10:05:56 AM) (Source: Server) (User: ) <br/>Description: The server could not bind to the transport \Device\NetBT_Tcpip_{42F48A52-723F-400C-ADC5-27B3FACC4B03} because another computer on the network has the same name. The server could not start. <br/> <br/>Error: (03/01/2014 11:04:36 PM) (Source: bowser) (User: ) <br/>Description: The master browser has received a server announcement from the computer YUAN-PC <br/>that believes that it is the master browser for the domain on transport NetBT_Tcpip_{42F48A52-723F-400C-ADC5-27B3FACC4B. <br/>The master browser is stopping or an election is being forced. <br/> <br/>Error: (03/01/2014 10:55:19 PM) (Source: Service Control Manager) (User: ) <br/>Description: QuickPlay Task Scheduler (QTS)QuickPlay Background Capture Service (QBCS)%%2 <br/> <br/>Error: (03/01/2014 10:55:19 PM) (Source: Service Control Manager) (User: ) <br/>Description: QuickPlay Background Capture Service (QBCS)%%2 <br/> <br/>Error: (03/01/2014 10:55:19 PM) (Source: Service Control Manager) (User: ) <br/>Description: Parallel port driver%%1058 <br/> <br/>Error: (03/01/2014 06:42:36 PM) (Source: Service Control Manager) (User: ) <br/>Description: QuickPlay Task Scheduler (QTS)QuickPlay Background Capture Service (QBCS)%%2 <br/> <br/>Error: (03/01/2014 06:42:36 PM) (Source: Service Control Manager) (User: ) <br/>Description: QuickPlay Background Capture Service (QBCS)%%2 <br/> <br/>Error: (03/01/2014 06:42:36 PM) (Source: Service Control Manager) (User: ) <br/>Description: Parallel port driver%%1058 <br/> <br/> <br/>Microsoft Office Sessions: <br/>========================= <br/>Error: (03/02/2014 05:37:55 PM) (Source: Bonjour Service)(User: ) <br/>Description: Task Scheduling 
Error: m->NextScheduledSPRetry 188512 <br/> <br/>Error: (03/02/2014 05:37:55 PM) (Source: Bonjour Service)(User: ) <br/>Description: Task Scheduling Error: m->NextScheduledEvent 188512 <br/> <br/>Error: (03/02/2014 05:37:55 PM) (Source: Bonjour Service)(User: ) <br/>Description: Task Scheduling Error: Continuously busy for more than a second <br/> <br/>Error: (03/02/2014 05:37:53 PM) (Source: Bonjour Service)(User: ) <br/>Description: Task Scheduling Error: m->NextScheduledSPRetry 187514 <br/> <br/>Error: (03/02/2014 05:37:53 PM) (Source: Bonjour Service)(User: ) <br/>Description: Task Scheduling Error: m->NextScheduledEvent 187514 <br/> <br/>Error: (03/02/2014 05:37:53 PM) (Source: Bonjour Service)(User: ) <br/>Description: Task Scheduling Error: Continuously busy for more than a second <br/> <br/>Error: (03/02/2014 05:37:52 PM) (Source: Bonjour Service)(User: ) <br/>Description: Task Scheduling Error: m->NextScheduledSPRetry 186515 <br/> <br/>Error: (03/02/2014 05:37:52 PM) (Source: Bonjour Service)(User: ) <br/>Description: Task Scheduling Error: m->NextScheduledEvent 186515 <br/> <br/>Error: (03/02/2014 05:37:52 PM) (Source: Bonjour Service)(User: ) <br/>Description: Task Scheduling Error: Continuously busy for more than a second <br/> <br/>Error: (03/02/2014 05:37:51 PM) (Source: Bonjour Service)(User: ) <br/>Description: Task Scheduling Error: m->NextScheduledSPRetry 185501 <br/> <br/> <br/>CodeIntegrity Errors: <br/>=================================== <br/> Date: 2014-03-03 00:08:48.843 <br/> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system. 
<br/> <br/> Date: 2014-03-03 00:08:48.467 <br/> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system. <br/> <br/> Date: 2014-03-03 00:08:48.115 <br/> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system. <br/> <br/> Date: 2014-03-03 00:08:47.736 <br/> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system. <br/> <br/> Date: 2014-03-03 00:08:46.323 <br/> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSDriver.sys because the set of per-page image hashes could not be found on the system. <br/> <br/> Date: 2014-03-03 00:08:45.963 <br/> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSDriver.sys because the set of per-page image hashes could not be found on the system. <br/> <br/> Date: 2014-03-03 00:08:45.607 <br/> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSDriver.sys because the set of per-page image hashes could not be found on the system. <br/> <br/> Date: 2014-03-03 00:08:45.261 <br/> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSDriver.sys because the set of per-page image hashes could not be found on the system. 
<br/> <br/> Date: 2014-03-01 23:11:54.386 <br/> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system. <br/> <br/> Date: 2014-03-01 23:11:54.030 <br/> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system. <br/> <br/> <br/>==================== Memory info =========================== <br/> <br/>Percentage of memory in use: 59% <br/>Total physical RAM: 3061.61 MB <br/>Available physical RAM: 1254.64 MB <br/>Total Pagefile: 6333.49 MB <br/>Available Pagefile: 4091.89 MB <br/>Total Virtual: 2047.88 MB <br/>Available Virtual: 1901.42 MB <br/> <br/>==================== Drives ================================ <br/> <br/>Drive c: () (Fixed) (Total:221.2 GB) (Free:54.71 GB) NTFS ==>[Drive with boot components (obtained from BCD)] <br/>Drive d: (HP_RECOVERY) (Fixed) (Total:11.68 GB) (Free:1.99 GB) NTFS ==>[System with boot components (obtained from reading drive)] <br/> <br/>==================== MBR & Partition Table ================== <br/> <br/>======================================================== <br/>Disk: 0 (Size: 233 GB) (Disk ID: 04ACE2E4) <br/>Partition 1: (Active) - (Size=221 GB) - (Type=07 NTFS) <br/>Partition 2: (Not Active) - (Size=12 GB) - (Type=07 NTFS) <br/> <br/>==================== End Of Log ============================
Posted 3/3/2014 9:00 AM
#96706

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
[code] I'm honestly not sure what you meant to put in fixlist.txt. Can you be a little more specific? Do I copy paste FRST and Addition into fixlist.txt? [/code] <br/> <br/>It is understandable, as it was my fault, because fixlist files are meant to be created as a fix, as below. <br/> <br/>Open notepad and copy/paste the text present inside the code box below. <br/>To do this, highlight the contents of the box and right click on it. Paste this into the open notepad. <br/> <br/> <br/>[code] <br/> start <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: F - F:\LaunchU3.exe -a <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: J - J:\LaunchU3.exe -a <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {21a3c60a-dba5-11e2-8e2a-001d726593f6} - F:\VZW_Software_upgrade_assistant.exe <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {400a7b8e-4d1f-11e3-b195-001d726593f6} - G:\iLinker.exe <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {59bfd62d-e78c-11e1-ba08-001d726593f6} - "L:\WD SmartWare.exe" autoplay=true <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {59bfd645-e78c-11e1-ba08-001d726593f6} - "N:\WD SmartWare.exe" autoplay=true <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {5dd2a826-c42b-11df-bc41-001d726593f6} - G:\SETUP.EXE <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {6dbb92f1-2f7c-11e1-b4d8-001d726593f6} - "L:\WD SmartWare.exe" autoplay=true <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {855eae7b-12c4-11e2-9a36-001d726593f6} - K:\TL_Bootstrap.exe <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {855eaf65-12c4-11e2-9a36-001d726593f6} - K:\TL_Bootstrap.exe <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {a15dc4ed-2e71-11e1-be64-001d726593f6} - K:\TLBootstrap_WPP.exe 
<br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {d0b53275-f595-11e2-bcc5-001d726593f6} - F:\VZW_Software_upgrade_assistant.exe <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {d3a64da1-1d03-11de-b2aa-001d726593f6} - F:\SETUP.EXE <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {ee406826-8e8f-11dd-8846-001d726593f6} - F:\LaunchU3.exe -a <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess? <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION! <br/>U3 afucvyr4; No ImagePath <br/>U3 mbr; \??\C:\Users\Seward\AppData\Local\Temp\mbr.sys [X] <br/>Task: {04699375-5AFB-4BAF-9F2A-09D8C0497F4E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION <br/>Task: {0C3AF200-FADC-49E5-880E-DEE192C8B79A} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION <br/>Task: {11893D5E-54A0-4C6B-AB0D-D9FA527334A9} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION <br/>Task: {1B4DD3E3-39B7-49E4-8614-9E7E92232E6B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc <==== ATTENTION <br/>Task: {1C3D4F82-9546-4CB6-8A11-FFFF5ACED01E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA => C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-04] (Google Inc.) 
<==== ATTENTION <br/>Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM <br/>Task: {2321AC5F-26AE-4545-90CE-A37752D6D361} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] () <==== ATTENTION <br/>Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI <br/>Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages <br/>Task: {3C4703EE-3492-4B04-8E1A-A3F3C0F34BA6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core => C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-04] (Google Inc.) <==== ATTENTION <br/>Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION <br/>Task: {4CFDC0C7-6870-4678-8DB8-35F77C8031A2} - System32\Tasks\User_Feed_Synchronization-{261A6D4F-9145-4072-92B6-5F1E570844E9} => C:\Windows\system32\msfeedssync.exe [2014-02-01] (Microsoft Corporation) <==== ATTENTION <br/>Task: {4D7BC85C-5A41-4963-8CDD-6D9D55F757DB} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\BthUdTask.exe [2009-04-10] (Microsoft Corporation) <==== ATTENTION <br/>Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs [2008-01-20] () <==== ATTENTION <br/>Task: {57030356-4699-4E1F-9939-F9D4460CD4DA} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION <br/>Task: {5936C79A-731F-4716-BE59-35B58194ECE5} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION <br/>Task: 
{74741983-CE0F-4014-BC20-7F0334C2A495} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA => C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.) <==== ATTENTION <br/>Task: {78DABEC8-68B8-4590-81BD-4532D98F07C2} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\Windows\system32\DFDWiz.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION <br/>Task: {8017A61C-13BD-45FB-811D-B6DB0DCAE6BC} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\Windows\system32\lpremove.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION <br/>Task: {8531C02A-F529-4346-B16D-319A127D220F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd) <==== ATTENTION <br/>Task: {858BD5FB-61C3-4D83-8392-B9855BE4DF1D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe [2009-04-10] (Microsoft Corporation) <==== ATTENTION <br/>Task: {89194558-47E7-4A9E-B507-6C91CE4E6504} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\Windows\System32\wsqmcons.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION <br/>Task: {99B9521C-F109-4B7B-BDDF-99CF656525E0} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\Windows\system32\defrag.exe [2008-01-20] (Microsoft Corp.) 
<==== ATTENTION <br/>Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION <br/>Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries <==== ATTENTION <br/>Task: {B0C3FDC1-6390-43BE-927C-2CCE6A3E7B91} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION <br/>Task: {BF1F143E-1DA6-4839-9637-4C76E90CBD94} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION <br/>Task: {C3AFD228-6280-47EC-B81D-5969294364F8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated) <==== ATTENTION <br/>Task: {D4AEE3E4-A742-467F-A264-5BEDF2A9A58E} - System32\Tasks\{CAE2C2B7-2B79-4BE7-9028-60DBD273137C} => C:\Windows\system32\pcalua.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION <br/>Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] () <==== ATTENTION <br/>Task: {ED31815B-D641-45BC-BBB0-C512D9E6DB34} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-20] (Microsoft Corp.) <==== ATTENTION <br/>Task: {F493F569-3741-4BE1-81D2-064CB62A410E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core => C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.) 
<==== ATTENTION <br/>Task: {F55F85D3-8FDE-479E-82E0-A9BB339AA8E2} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => Sc.exe config upnphost start= auto <==== ATTENTION <br/>Task: {FBBCF8E5-5D94-41C2-851E-73BD6697474E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe <==== ATTENTION <br/>Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe <br/>Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core.job => C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe <br/>Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA.job => C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe <br/>Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core.job => C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe <br/>Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA.job => C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe <br/>Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe <br/>Task: C:\Windows\Tasks\User_Feed_Synchronization-{261A6D4F-9145-4072-92B6-5F1E570844E9}.job => C:\Windows\system32\msfeedssync.exe <br/>AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4 <br/>end <br/>[/code] <br/> <br/>NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system <br/> <br/>Save notepad as fixlist.txt <br/>NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work. <br/> <br/> <br/>Run FRST/FRST64 and press the Fix button just once and wait. 
<br/>If the tool needed a restart, please make sure you let the system restart normally and let the tool complete its run after restart. <br/>The tool will make a log on the Desktop (Fixlog.txt). Please attach it to your reply. <br/> <br/>Note: If the tool warned you about the outdated version, please download and run the updated version. <br/> <br/>Please download - AdwCleaner <br/>by Xplode and save to your Desktop. <br/> <br/>Double click on AdwCleaner.exe to run the tool. <br/>• Click on the Scan button. <br/>• After the scan has finished, click on the Clean button. <br/>Press OK when asked to close all programs and follow the onscreen prompts. <br/>Press OK again to allow AdwCleaner to restart the computer and complete the removal process. <br/>• After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically. <br/>• The logfile will also be saved in the C:\AdwCleaner folder. <br/> <br/>Please post it in your next reply.

Do not PM me with logfiles. They will be deleted.


Posted 3/4/2014 3:48 AM
#96707

uvideovirus Member

Date Joined Nov 2016
Total Posts: 5
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 03-03-2014 <br/>Ran by Seward at 2014-03-03 19:12:47 Run:1 <br/>Running from C:\Users\Seward\Downloads <br/>Boot Mode: Normal <br/> <br/>============================================== <br/> <br/>Content of fixlist: <br/>***************** <br/>start <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: F - F:\LaunchU3.exe -a <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: J - J:\LaunchU3.exe -a <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {21a3c60a-dba5-11e2-8e2a-001d726593f6} - F:\VZW_Software_upgrade_assistant.exe <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {400a7b8e-4d1f-11e3-b195-001d726593f6} - G:\iLinker.exe <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {59bfd62d-e78c-11e1-ba08-001d726593f6} - "L:\WD SmartWare.exe" autoplay=true <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {59bfd645-e78c-11e1-ba08-001d726593f6} - "N:\WD SmartWare.exe" autoplay=true <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {5dd2a826-c42b-11df-bc41-001d726593f6} - G:\SETUP.EXE <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {6dbb92f1-2f7c-11e1-b4d8-001d726593f6} - "L:\WD SmartWare.exe" autoplay=true <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {855eae7b-12c4-11e2-9a36-001d726593f6} - K:\TL_Bootstrap.exe <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {855eaf65-12c4-11e2-9a36-001d726593f6} - K:\TL_Bootstrap.exe <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {a15dc4ed-2e71-11e1-be64-001d726593f6} - K:\TLBootstrap_WPP.exe <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {d0b53275-f595-11e2-bcc5-001d726593f6} - F:\VZW_Software_upgrade_assistant.exe 
<br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {d3a64da1-1d03-11de-b2aa-001d726593f6} - F:\SETUP.EXE <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...\MountPoints2: {ee406826-8e8f-11dd-8846-001d726593f6} - F:\LaunchU3.exe -a <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess? <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION! <br/>U3 afucvyr4; No ImagePath <br/>U3 mbr; \??\C:\Users\Seward\AppData\Local\Temp\mbr.sys [X] <br/>Task: {04699375-5AFB-4BAF-9F2A-09D8C0497F4E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION <br/>Task: {0C3AF200-FADC-49E5-880E-DEE192C8B79A} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION <br/>Task: {11893D5E-54A0-4C6B-AB0D-D9FA527334A9} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION <br/>Task: {1B4DD3E3-39B7-49E4-8614-9E7E92232E6B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc <==== ATTENTION <br/>Task: {1C3D4F82-9546-4CB6-8A11-FFFF5ACED01E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA => C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-04] (Google Inc.) 
<==== ATTENTION <br/>Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM <br/>Task: {2321AC5F-26AE-4545-90CE-A37752D6D361} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] () <==== ATTENTION <br/>Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI <br/>Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages <br/>Task: {3C4703EE-3492-4B04-8E1A-A3F3C0F34BA6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core => C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-04] (Google Inc.) <==== ATTENTION <br/>Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION <br/>Task: {4CFDC0C7-6870-4678-8DB8-35F77C8031A2} - System32\Tasks\User_Feed_Synchronization-{261A6D4F-9145-4072-92B6-5F1E570844E9} => C:\Windows\system32\msfeedssync.exe [2014-02-01] (Microsoft Corporation) <==== ATTENTION <br/>Task: {4D7BC85C-5A41-4963-8CDD-6D9D55F757DB} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\BthUdTask.exe [2009-04-10] (Microsoft Corporation) <==== ATTENTION <br/>Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs [2008-01-20] () <==== ATTENTION <br/>Task: {57030356-4699-4E1F-9939-F9D4460CD4DA} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION <br/>Task: {5936C79A-731F-4716-BE59-35B58194ECE5} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION <br/>Task: 
{74741983-CE0F-4014-BC20-7F0334C2A495} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA => C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.) <==== ATTENTION <br/>Task: {78DABEC8-68B8-4590-81BD-4532D98F07C2} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\Windows\system32\DFDWiz.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION <br/>Task: {8017A61C-13BD-45FB-811D-B6DB0DCAE6BC} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\Windows\system32\lpremove.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION <br/>Task: {8531C02A-F529-4346-B16D-319A127D220F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd) <==== ATTENTION <br/>Task: {858BD5FB-61C3-4D83-8392-B9855BE4DF1D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe [2009-04-10] (Microsoft Corporation) <==== ATTENTION <br/>Task: {89194558-47E7-4A9E-B507-6C91CE4E6504} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\Windows\System32\wsqmcons.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION <br/>Task: {99B9521C-F109-4B7B-BDDF-99CF656525E0} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\Windows\system32\defrag.exe [2008-01-20] (Microsoft Corp.) 
<==== ATTENTION <br/>Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION <br/>Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries <==== ATTENTION <br/>Task: {B0C3FDC1-6390-43BE-927C-2CCE6A3E7B91} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION <br/>Task: {BF1F143E-1DA6-4839-9637-4C76E90CBD94} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION <br/>Task: {C3AFD228-6280-47EC-B81D-5969294364F8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated) <==== ATTENTION <br/>Task: {D4AEE3E4-A742-467F-A264-5BEDF2A9A58E} - System32\Tasks\{CAE2C2B7-2B79-4BE7-9028-60DBD273137C} => C:\Windows\system32\pcalua.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION <br/>Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] () <==== ATTENTION <br/>Task: {ED31815B-D641-45BC-BBB0-C512D9E6DB34} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-20] (Microsoft Corp.) <==== ATTENTION <br/>Task: {F493F569-3741-4BE1-81D2-064CB62A410E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core => C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.) 
<==== ATTENTION <br/>Task: {F55F85D3-8FDE-479E-82E0-A9BB339AA8E2} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => Sc.exe config upnphost start= auto <==== ATTENTION <br/>Task: {FBBCF8E5-5D94-41C2-851E-73BD6697474E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe <==== ATTENTION <br/>Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe <br/>Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core.job => C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe <br/>Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA.job => C:\Users\Seward\AppData\Local\Facebook\Update\FacebookUpdate.exe <br/>Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core.job => C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe <br/>Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA.job => C:\Users\Seward\AppData\Local\Google\Update\GoogleUpdate.exe <br/>Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe <br/>Task: C:\Windows\Tasks\User_Feed_Synchronization-{261A6D4F-9145-4072-92B6-5F1E570844E9}.job => C:\Windows\system32\msfeedssync.exe <br/>AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4 <br/>end <br/>***************** <br/> <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-2839089444-2725325661-240080684-1000 => Key not found. <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-2839089444-2725325661-240080684-1000 => Key not found. 
<br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21a3c60a-dba5-11e2-8e2a-001d726593f6} => Key deleted successfully. <br/>HKCR\CLSID\{21a3c60a-dba5-11e2-8e2a-001d726593f6} => Key not found. <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{400a7b8e-4d1f-11e3-b195-001d726593f6} => Key deleted successfully. <br/>HKCR\CLSID\{400a7b8e-4d1f-11e3-b195-001d726593f6} => Key not found. <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{59bfd62d-e78c-11e1-ba08-001d726593f6} => Key deleted successfully. <br/>HKCR\CLSID\{59bfd62d-e78c-11e1-ba08-001d726593f6} => Key not found. <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{59bfd645-e78c-11e1-ba08-001d726593f6} => Key deleted successfully. <br/>HKCR\CLSID\{59bfd645-e78c-11e1-ba08-001d726593f6} => Key not found. <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5dd2a826-c42b-11df-bc41-001d726593f6} => Key deleted successfully. <br/>HKCR\CLSID\{5dd2a826-c42b-11df-bc41-001d726593f6} => Key not found. <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6dbb92f1-2f7c-11e1-b4d8-001d726593f6} => Key deleted successfully. <br/>HKCR\CLSID\{6dbb92f1-2f7c-11e1-b4d8-001d726593f6} => Key not found. <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{855eae7b-12c4-11e2-9a36-001d726593f6} => Key deleted successfully. <br/>HKCR\CLSID\{855eae7b-12c4-11e2-9a36-001d726593f6} => Key not found. 
<br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{855eaf65-12c4-11e2-9a36-001d726593f6} => Key deleted successfully. <br/>HKCR\CLSID\{855eaf65-12c4-11e2-9a36-001d726593f6} => Key not found. <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a15dc4ed-2e71-11e1-be64-001d726593f6} => Key deleted successfully. <br/>HKCR\CLSID\{a15dc4ed-2e71-11e1-be64-001d726593f6} => Key not found. <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d0b53275-f595-11e2-bcc5-001d726593f6} => Key deleted successfully. <br/>HKCR\CLSID\{d0b53275-f595-11e2-bcc5-001d726593f6} => Key not found. <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d3a64da1-1d03-11de-b2aa-001d726593f6} => Key deleted successfully. <br/>HKCR\CLSID\{d3a64da1-1d03-11de-b2aa-001d726593f6} => Key not found. <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ee406826-8e8f-11dd-8846-001d726593f6} => Key deleted successfully. <br/>HKCR\CLSID\{ee406826-8e8f-11dd-8846-001d726593f6} => Key not found. <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} => Key deleted successfully. <br/>HKU\S-1-5-21-2839089444-2725325661-240080684-1000\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} => Key deleted successfully. <br/>afucvyr4 => Service deleted successfully. <br/>mbr => Service deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{04699375-5AFB-4BAF-9F2A-09D8C0497F4E} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04699375-5AFB-4BAF-9F2A-09D8C0497F4E} => Key deleted successfully. 
<br/>C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ehDRMInit => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C3AF200-FADC-49E5-880E-DEE192C8B79A} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C3AF200-FADC-49E5-880E-DEE192C8B79A} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{11893D5E-54A0-4C6B-AB0D-D9FA527334A9} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11893D5E-54A0-4C6B-AB0D-D9FA527334A9} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Error Reporting\QueueReporting => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1B4DD3E3-39B7-49E4-8614-9E7E92232E6B} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B4DD3E3-39B7-49E4-8614-9E7E92232E6B} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => Key deleted successfully. 
<br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1C3D4F82-9546-4CB6-8A11-FFFF5ACED01E} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C3D4F82-9546-4CB6-8A11-FFFF5ACED01E} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1CC81347-6204-4B83-900C-01E02F50F067} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1CC81347-6204-4B83-900C-01E02F50F067} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\Microsoft\Windows\MobilePC\TMM => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MobilePC\TMM => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2321AC5F-26AE-4545-90CE-A37752D6D361} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2321AC5F-26AE-4545-90CE-A37752D6D361} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\ROC_REG_JAN_DELETE => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ROC_REG_JAN_DELETE => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{320124A7-D70F-41DE-A9D1-D5E8E19D5D91} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{320124A7-D70F-41DE-A9D1-D5E8E19D5D91} => Key deleted successfully. 
<br/>C:\Windows\System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\CrawlStartPages => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3C4703EE-3492-4B04-8E1A-A3F3C0F34BA6} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C4703EE-3492-4B04-8E1A-A3F3C0F34BA6} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{44980BEE-7809-44A9-AC24-D6E578A3B7DF} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44980BEE-7809-44A9-AC24-D6E578A3B7DF} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\Microsoft\Windows\RAC\RACAgent => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RAC\RACAgent => Key deleted successfully. 
<br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4CFDC0C7-6870-4678-8DB8-35F77C8031A2} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CFDC0C7-6870-4678-8DB8-35F77C8031A2} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\User_Feed_Synchronization-{261A6D4F-9145-4072-92B6-5F1E570844E9} => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\User_Feed_Synchronization-{261A6D4F-9145-4072-92B6-5F1E570844E9} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D7BC85C-5A41-4963-8CDD-6D9D55F757DB} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D7BC85C-5A41-4963-8CDD-6D9D55F757DB} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Bluetooth\UninstallDeviceTask => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{561375CB-FF5A-417B-B297-BA73DE149581} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{561375CB-FF5A-417B-B297-BA73DE149581} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Wired\GatherWiredInfo => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57030356-4699-4E1F-9939-F9D4460CD4DA} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57030356-4699-4E1F-9939-F9D4460CD4DA} => Key deleted successfully. 
<br/>C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5936C79A-731F-4716-BE59-35B58194ECE5} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5936C79A-731F-4716-BE59-35B58194ECE5} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74741983-CE0F-4014-BC20-7F0334C2A495} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74741983-CE0F-4014-BC20-7F0334C2A495} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{78DABEC8-68B8-4590-81BD-4532D98F07C2} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78DABEC8-68B8-4590-81BD-4532D98F07C2} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => Moved successfully. 
<br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{8017A61C-13BD-45FB-811D-B6DB0DCAE6BC} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8017A61C-13BD-45FB-811D-B6DB0DCAE6BC} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\Microsoft\Windows\MUI\LPRemove => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MUI\LPRemove => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8531C02A-F529-4346-B16D-319A127D220F} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8531C02A-F529-4346-B16D-319A127D220F} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\CCleanerSkipUAC => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{858BD5FB-61C3-4D83-8392-B9855BE4DF1D} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{858BD5FB-61C3-4D83-8392-B9855BE4DF1D} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\mcupdate => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{89194558-47E7-4A9E-B507-6C91CE4E6504} => Key deleted successfully. 
<br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89194558-47E7-4A9E-B507-6C91CE4E6504} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{99B9521C-F109-4B7B-BDDF-99CF656525E0} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99B9521C-F109-4B7B-BDDF-99CF656525E0} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Defrag\ScheduledDefrag => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A61555D3-7840-45C1-A5A9-0D49851DE37A} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A61555D3-7840-45C1-A5A9-0D49851DE37A} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A728AE6B-5AB8-4223-AD3E-E6341441A01C} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A728AE6B-5AB8-4223-AD3E-E6341441A01C} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Moved successfully. 
<br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\PLA\System\ConvertLogEntries => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B0C3FDC1-6390-43BE-927C-2CCE6A3E7B91} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0C3FDC1-6390-43BE-927C-2CCE6A3E7B91} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF1F143E-1DA6-4839-9637-4C76E90CBD94} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF1F143E-1DA6-4839-9637-4C76E90CBD94} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Tcpip\WSHReset => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C3AFD228-6280-47EC-B81D-5969294364F8} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3AFD228-6280-47EC-B81D-5969294364F8} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\Adobe Flash Player Updater => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D4AEE3E4-A742-467F-A264-5BEDF2A9A58E} => Key deleted successfully. 
<br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4AEE3E4-A742-467F-A264-5BEDF2A9A58E} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\{CAE2C2B7-2B79-4BE7-9028-60DBD273137C} => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CAE2C2B7-2B79-4BE7-9028-60DBD273137C} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Wireless\GatherWirelessInfo => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED31815B-D641-45BC-BBB0-C512D9E6DB34} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED31815B-D641-45BC-BBB0-C512D9E6DB34} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Defrag\ManualDefrag => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F493F569-3741-4BE1-81D2-064CB62A410E} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F493F569-3741-4BE1-81D2-064CB62A410E} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core => Moved successfully. 
<br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F55F85D3-8FDE-479E-82E0-A9BB339AA8E2} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F55F85D3-8FDE-479E-82E0-A9BB339AA8E2} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UPnP\UPnPHostConfig => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FBBCF8E5-5D94-41C2-851E-73BD6697474E} => Key deleted successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FBBCF8E5-5D94-41C2-851E-73BD6697474E} => Key deleted successfully. <br/>C:\Windows\System32\Tasks\Apple\AppleSoftwareUpdate => Moved successfully. <br/>HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate => Key deleted successfully. <br/>C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully. <br/>C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core.job => Moved successfully. <br/>C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA.job => Moved successfully. <br/>C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000Core.job => Moved successfully. <br/>C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2839089444-2725325661-240080684-1000UA.job => Moved successfully. <br/>C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => Moved successfully. <br/>C:\Windows\Tasks\User_Feed_Synchronization-{261A6D4F-9145-4072-92B6-5F1E570844E9}.job => Moved successfully. 
C:\ProgramData\TEMP => ":0B4227B4" ADS removed successfully.

==== End of Fixlog ====

# AdwCleaner v3.020 - Report created 03/03/2014 at 19:40:48
# Updated 27/02/2014 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Seward - SEWARD-PC
# Running from : C:\Users\Seward\Downloads\adwcleaner (1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\Software\Description

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.19499


-\\ Google Chrome v

[ File : C:\Users\Seward\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [5035 octets] - [26/12/2013 01:53:00]
AdwCleaner[R1].txt - [925 octets] - [03/03/2014 19:37:36]
AdwCleaner[S0].txt - [5200 octets] - [26/12/2013 01:55:50]
AdwCleaner[S1].txt - [849 octets] - [03/03/2014 19:40:48]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [908 octets] ##########
Posted 3/4/2014 11:56 AM
#96708

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
Please tell me how things are running now?

Click here: Before-posting-a-log
Do not PM me with logfiles. They will be deleted.


Posted 3/5/2014 3:22 AM
#96713

uvideovirus Member

Date Joined Nov 2016
Total Posts: 5
Everything seems to be running fine. Nothing strange happening at startup anymore.

Is it okay to uninstall all those programs now?
Posted 3/5/2014 7:49 AM
#96714

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
That's good news.

Let's clear the tools:

Please download: Delfix by "Xplode" to your Desktop.

Run the tool and check the following boxes below:
• Remove disinfection tools
• Create registry backup
• Purge System Restore

Now click on the "Run" button. Wait for the programme to complete its work.
All the tools we used should be gone.
The tool will create and open a log report (DelFix.txt).
Note: The report will also be stored on C:\DelFix.txt


