Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Chrome - Webpage Note Available /IE Cant Display Page


  • This topic is locked This topic is locked
4 replies to this topic

#1 wcharliew

wcharliew

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:18 PM

Posted 23 January 2015 - 10:28 PM

Help

 

I've tried to look back at the forum and use the advice on how to solve this problem from running adware cleaners (AdwCleaners) and Malware tools - Malewarebyte to reseting network parameters from the DOS commend line but nothing has worked.  Can ping in my local network and through my router out to the internet but browsers and FileZilla doen't seem to be able to get a network connection.

 

Per the suggestion below are FRST logs.  Any help thoughts would be appricaiated

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-01-2015
Ran by Charlie (administrator) on WOODYS-PC on 23-01-2015 21:58:21
Running from C:\Users\Charlie\Desktop\Scan tools
Loaded Profiles: Charlie & UpdatusUser (Available profiles: IUSR_NMPR & Charlie & Ann & Matt & AJ & UpdatusUser)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Intel® Corporation) C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
(AOL Inc.) C:\Program Files\Common Files\aol\acs\AOLacsd.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(OsdMaestro) C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel® Corporation) C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(AOL Inc.) C:\Program Files\Common Files\aol\1196543015\ee\aolsoftware.exe
(Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Microsoft Corporation) C:\Windows\System32\wpcumi.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Akamai Technologies, Inc.) C:\Users\Charlie\AppData\Local\Akamai\netsession_win.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Belkin International, Inc.) C:\Program Files\Belkin\Network USB Hub Control Center\Connect.exe
(Intuit Inc.) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Akamai Technologies, Inc.) C:\Users\Charlie\AppData\Local\Akamai\netsession_win.exe
(Intel® Corporation) C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [OsdMaestro] => C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [118784 2007-02-15] (OsdMaestro)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [182808 2008-07-20] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4874240 2008-01-15] (Realtek Semiconductor)
HKLM\...\Run: [CCUTRAYICON] => C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe [176128 2006-09-11] (Intel® Corporation)
HKLM\...\Run: [HP Health Check Scheduler] => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-06-16] (Hewlett-Packard)
HKLM\...\Run: [SunJavaUpdateReg] => C:\Windows\system32\jureg.exe [54936 2007-04-07] (Sun Microsystems, Inc.)
HKLM\...\Run: [HostManager] => C:\Program Files\Common Files\AOL\1196543015\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-10-06] (Apple Inc.)
HKLM\...\Run: [ccApp] => C:\Program Files\Common Files\Symantec Shared\ccApp.exe [51048 2008-10-17] (Symantec Corporation)
HKLM\...\Run: [osCheck] => C:\Program Files\Norton 360\osCheck.exe [988512 2008-02-26] (Symantec Corporation)
HKLM\...\Run: [WPCUMI] => C:\Windows\system32\WpcUmi.exe [176128 2006-11-02] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [LifeCam] => C:\Program Files\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Java\jre7\bin\jusched.exe"
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-4037648563-725528539-2585004647-1001\...\Run: [AdobeUpdater] => "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe"
HKU\S-1-5-21-4037648563-725528539-2585004647-1001\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-4037648563-725528539-2585004647-1001\...\Run: [EADM] => C:\Program Files\Origin\Origin.exe [3618648 2015-01-04] (Electronic Arts)
HKU\S-1-5-21-4037648563-725528539-2585004647-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Charlie\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4037648563-725528539-2585004647-1001\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [2427400 2014-03-06] (Hewlett-Packard Co.)
HKU\S-1-5-21-4037648563-725528539-2585004647-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-4037648563-725528539-2585004647-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-4037648563-725528539-2585004647-1001\...\Policies\Explorer: [NoInternetIcon] 0
HKU\S-1-5-21-4037648563-725528539-2585004647-1001\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-4037648563-725528539-2585004647-1001\...\MountPoints2: {c0f79a81-0842-11df-bec1-806e6f6e6963} - F:\HPLauncher.exe
HKU\S-1-5-21-4037648563-725528539-2585004647-1007\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-4037648563-725528539-2585004647-1007\...\Run: [HPADVISOR] => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1644088 2009-08-05] (Hewlett-Packard)
Startup: C:\Users\AJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Belkin Network USB Hub Control Center.lnk
ShortcutTarget: Belkin Network USB Hub Control Center.lnk -> C:\Program Files\Belkin\Network USB Hub Control Center\Connect.exe (Belkin International, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Belkin Network USB Hub Control Center.lnk
ShortcutTarget: Belkin Network USB Hub Control Center.lnk -> C:\Program Files\Belkin\Network USB Hub Control Center\Connect.exe (Belkin International, Inc.)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Common Files\Symantec Shared\Backup\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Common Files\Symantec Shared\Backup\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Common Files\Symantec Shared\Backup\buShell.dll (Symantec Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-4037648563-725528539-2585004647-1007\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-4037648563-725528539-2585004647-1004\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-4037648563-725528539-2585004647-1003\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-4037648563-725528539-2585004647-1002\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4037648563-725528539-2585004647-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:13081
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop
HKU\S-1-5-21-4037648563-725528539-2585004647-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Blank
HKU\S-1-5-21-4037648563-725528539-2585004647-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aol.com/?ncid=customie9
HKU\S-1-5-21-4037648563-725528539-2585004647-1007\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop
URLSearchHook: HKLM - AOL Toolbar Search Class - {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} -  No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4037648563-725528539-2585004647-1007 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM - Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - No Name - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} -  No File
Toolbar: HKU\S-1-5-21-4037648563-725528539-2585004647-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-4037648563-725528539-2585004647-1001 -> Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll (Symantec Corporation)
Toolbar: HKU\S-1-5-21-4037648563-725528539-2585004647-1001 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-4037648563-725528539-2585004647-1001 -> No Name - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/xhtml+xml - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
Filter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
Filter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
Filter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
Filter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - C:\Program Files\Design Science\MathPlayer\MathMLMimer.dll (Design Science, Inc.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E1A1D904-87D9-425C-839A-BDAA9A76EDCB}: [NameServer] 4.2.2.2,8.8.8.8

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=13 -> C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF Plugin: @real.com/RhapsodyPlayerEngine,version=1.0 -> C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF Plugin: @real.com/RhapsodyPlayerEngine,version=1.1 -> C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @unity3d.com/UnityPlayer,version=1.0 -> C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-28]

Chrome:
=======
CHR Profile: C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-23]
CHR Extension: (Google Drive) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-23]
CHR Extension: (YouTube) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-23]
CHR Extension: (Google Search) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-23]
CHR Extension: (Gmail) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-23]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [188416 2006-09-11] (Intel® Corporation) [File not signed]
R2 AOL ACS; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [46184 2014-02-06] (AOL Inc.)
S3 Autodesk Network Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe [1322648 2008-06-05] (Autodesk, Inc.) [File not signed]
R2 Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [238968 2008-02-21] (Symantec Corporation)
S2 ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149352 2008-10-17] (Symantec Corporation)
S2 ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149352 2008-10-17] (Symantec Corporation)
S2 CLTNetCnService; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149352 2008-10-17] (Symantec Corporation)
S3 comHost; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [55640 2007-08-22] (Symantec Corporation)
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2006-09-03] () [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2009-11-27] (Macrovision Europe Ltd.) [File not signed]
S2 gupdate1c9c0efd3134ec9; C:\Program Files\Google\Update\GoogleUpdate.exe [107912 2014-10-19] (Google Inc.)
S2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-16] (Hewlett-Packard) [File not signed]
S3 IDriverT; c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S2 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [75264 2006-09-11] (Intel® Corporation) [File not signed]
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [3220856 2008-09-05] (Symantec Corporation)
S2 LiveUpdate Notice; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [149352 2008-10-17] (Symantec Corporation)
S2 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [26624 2006-09-01] () [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S2 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [167936 2006-09-11] (Intel® Corporation) [File not signed]
R2 mi-raysat_3dsmax2010_32; C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [86016 2009-03-12] () [File not signed]
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1903472 2015-01-04] (Electronic Arts)
S2 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [544256 2006-09-11] (Intel® Corporation) [File not signed]
S3 Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [1245064 2008-11-15] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
S2 RoxLiveShare10; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.) [File not signed]
S3 COH_Mon; C:\Windows\system32\Drivers\COH_Mon.sys [23888 2008-07-30] (Symantec Corporation)
R2 CO_Mon; C:\Windows\system32\drivers\CO_Mon.sys [36056 2007-08-08] (Symantec Corporation)
S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2008-01-19] (Microsoft Corporation)
R1 IDSvix86; C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20141223.001\IDSvix86.sys [286328 2011-10-17] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-01-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Symantec\Definitions\VirusDefs\20141228.001\NAVENG.SYS [95704 2014-12-15] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Symantec\Definitions\VirusDefs\20141228.001\NAVEX15.SYS [1636696 2014-12-15] (Symantec Corporation)
R2 secdrv; C:\Windows\system32\Drivers\secdrv.sys [12400 2008-01-11] (Macrovision Europe Ltd) [File not signed]
S3 sonypvs1; C:\Windows\System32\DRIVERS\sonypvs1.sys [102220 2002-10-15] (Sony Corporation) [File not signed]
S3 SPBBCDrv; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [447024 2008-09-05] (Symantec Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [279088 2008-01-31] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [317616 2008-01-31] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [43696 2008-01-31] (Symantec Corporation)
R2 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [62464 2007-09-27] (silex technology, Inc.)
R3 SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [13616 2009-02-19] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [124464 2009-01-09] (Symantec Corporation)
R3 SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [96560 2009-02-19] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [24112 2009-02-19] (Symantec Corporation)
R3 SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [41008 2009-02-19] (Symantec Corporation)
R3 SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [22320 2009-02-19] (Symantec Corporation)
R1 SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [184496 2009-02-19] (Symantec Corporation)
R3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2006-11-01] (America Online, Inc.)
S4 blbdrive; No ImagePath
S3 IpInIp; No ImagePath
S3 NwlnkFlt; No ImagePath
S3 NwlnkFwd; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-23 21:57 - 2015-01-23 21:58 - 00000000 ____D () C:\FRST
2015-01-23 21:29 - 2015-01-23 21:29 - 00000000 ____D () C:\Users\Charlie\AppData\Local\Anvisoft
2015-01-23 21:28 - 2015-01-23 21:28 - 00001070 _____ () C:\Users\Public\Desktop\Anvi Browser Repair Tool.lnk
2015-01-23 21:28 - 2015-01-23 21:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
2015-01-23 21:28 - 2015-01-23 21:28 - 00000000 ____D () C:\Program Files\Anvisoft
2015-01-23 21:28 - 2015-01-23 21:26 - 08806944 _____ (Anvisoft) C:\Users\Charlie\Desktop\brtsetup.exe
2015-01-23 21:15 - 2015-01-23 21:27 - 00000000 ____D () C:\Users\Charlie\Desktop\Default Old
2015-01-23 20:20 - 2015-01-23 20:20 - 00000000 _____ () C:\Users\Charlie\defogger_reenable
2015-01-23 20:15 - 2015-01-23 20:15 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-23 20:15 - 2015-01-23 20:15 - 00000000 _____ () C:\Windows\setupact.log
2015-01-23 19:02 - 2015-01-23 19:04 - 06381120 _____ (Tim Kosse) C:\Users\Charlie\Downloads\FileZilla_3.10.0.2_win32-setup.exe
2015-01-22 19:11 - 2015-01-23 18:10 - 00000000 ____D () C:\AdwCleaner
2015-01-22 18:02 - 2015-01-23 21:58 - 00000000 ____D () C:\Users\Charlie\Desktop\Scan tools
2015-01-21 20:23 - 2015-01-21 20:23 - 00002699 _____ () C:\Users\Charlie\Desktop\software_removal_tool.log
2015-01-21 20:22 - 2015-01-23 21:22 - 00000286 _____ () C:\Windows\Tasks\RegistryBooster Maintenance.job
2015-01-21 20:22 - 2015-01-21 20:22 - 00001008 _____ () C:\Users\Public\Desktop\RegistryBooster.lnk
2015-01-19 16:43 - 2014-12-18 19:25 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-19 16:43 - 2014-12-05 22:14 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-19 16:43 - 2014-12-05 22:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-19 16:43 - 2014-12-05 22:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-19 16:41 - 2014-12-05 22:14 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-11 14:22 - 2015-01-11 14:22 - 10901854 _____ () C:\Users\AJ\Desktop\Welcome to Post Season Mitches - Messages3.html
2015-01-11 14:22 - 2015-01-11 14:22 - 00000000 ____D () C:\Users\AJ\Desktop\Welcome to Post Season Mitches - Messages3_files
2015-01-11 14:01 - 2015-01-11 14:01 - 00000162 ____H () C:\Users\AJ\Documents\~$lcome to Post Season Mitches - Messages.html
2015-01-11 13:59 - 2015-01-11 13:59 - 01595943 _____ () C:\Users\AJ\Documents\Welcome to Post Season Mitches - Messages 2.html
2015-01-11 13:59 - 2015-01-11 13:59 - 00000000 ____D () C:\Users\AJ\Documents\Welcome to Post Season Mitches - Messages 2_files
2015-01-10 10:52 - 2015-01-10 10:53 - 00000000 ____D () C:\Users\AJ\Documents\Welcome to Post Season Mitches - Messages_files
2015-01-10 10:52 - 2015-01-10 10:52 - 10864340 _____ () C:\Users\AJ\Documents\Welcome to Post Season Mitches - Messages.html

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-23 21:35 - 2007-11-08 15:50 - 01945772 _____ () C:\Windows\WindowsUpdate.log
2015-01-23 21:33 - 2014-11-08 13:08 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-23 21:31 - 2013-03-06 08:58 - 00000000 ____D () C:\ProgramData\Origin
2015-01-23 21:24 - 2009-06-30 16:19 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-23 21:21 - 2006-11-02 08:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-23 21:21 - 2006-11-02 07:47 - 00003568 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-23 21:21 - 2006-11-02 07:47 - 00003568 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-23 21:19 - 2006-11-02 08:01 - 00032648 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-23 21:09 - 2009-06-30 16:19 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-23 21:02 - 2014-11-08 17:27 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-23 20:35 - 2007-08-15 21:24 - 00854880 _____ () C:\Windows\PFRO.log
2015-01-23 20:20 - 2007-12-01 15:53 - 00000000 ____D () C:\Users\Charlie
2015-01-23 20:11 - 2008-11-16 13:22 - 00000632 __RSH () C:\Users\Charlie\ntuser.pol
2015-01-23 19:06 - 2009-09-21 18:39 - 00000000 ____D () C:\Users\Charlie\AppData\Roaming\FileZilla
2015-01-23 19:05 - 2010-02-01 20:30 - 00000000 ____D () C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-01-23 19:05 - 2009-09-21 18:39 - 00000000 ____D () C:\Program Files\FileZilla FTP Client
2015-01-21 22:10 - 2013-03-06 08:57 - 00000000 ____D () C:\Program Files\Origin
2015-01-21 21:52 - 2013-08-17 06:58 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-21 20:25 - 2006-11-02 05:33 - 00795990 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-21 20:13 - 2013-07-21 09:05 - 00000000 ____D () C:\Users\Charlie\AppData\Local\Akamai
2015-01-19 20:55 - 2009-06-18 09:58 - 00000000 ____D () C:\Users\AJ\Documents\SimCity 4
2015-01-19 17:24 - 2011-04-17 08:12 - 00000000 ____D () C:\Users\AJ\AppData\Roaming\.minecraft
2015-01-19 16:37 - 2011-08-28 14:23 - 00000000 ____D () C:\Users\AJ\AppData\Roaming\HpUpdate
2015-01-08 09:55 - 2009-11-26 10:33 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-31 13:15 - 2006-11-02 05:24 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-12-28 18:12 - 2007-08-15 21:15 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared

==================== Files in the root of some directories =======
2013-08-25 11:43 - 2013-08-25 11:43 - 0000460 _____ () C:\Users\Charlie\AppData\Roaming\Network Monitor II_Settings.ini
2010-12-29 15:35 - 2010-12-29 15:35 - 0001246 _____ () C:\Users\Charlie\AppData\Roaming\System Monitor II_Settings.ini
2007-12-19 21:28 - 2007-12-19 21:28 - 0000008 _____ () C:\Users\Charlie\AppData\Roaming\usb.dat.bin
2012-09-16 20:40 - 2014-03-01 09:55 - 0001356 _____ () C:\Users\Charlie\AppData\Local\d3d9caps.dat
2008-03-09 18:31 - 2014-12-06 18:04 - 0006144 _____ () C:\Users\Charlie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-10-07 22:17 - 2008-10-07 22:17 - 0000095 _____ () C:\Users\Charlie\AppData\Local\fusioncache.dat
2008-10-07 22:10 - 2008-10-07 22:10 - 0000000 _____ () C:\Users\Charlie\AppData\Local\rx_image.Cache
2014-11-18 18:28 - 2014-11-18 18:28 - 0000000 _____ () C:\Users\Charlie\AppData\Local\{4B2CECE0-4A99-4E49-89BF-328AC36937D2}
2014-12-06 17:06 - 2014-12-06 17:06 - 0000057 _____ () C:\ProgramData\Ament.ini
2010-08-15 18:43 - 2010-08-15 18:43 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2007-08-15 20:57 - 2008-03-26 18:54 - 0000656 _____ () C:\ProgramData\hpzinstall.log
2007-12-31 13:46 - 2008-11-13 16:32 - 0011387 _____ () C:\ProgramData\LUUnInstall.LiveUpdate
2012-02-12 07:31 - 2014-03-08 15:25 - 0000899 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Files to move or delete:
====================
C:\Users\Charlie\WDSync_v6_3_130.exe

Some content of TEMP:
====================
C:\Users\AJ\AppData\Local\Temp\symlcsv1.exe
C:\Users\Charlie\AppData\Local\Temp\Quarantine.exe
C:\Users\Charlie\AppData\Local\Temp\sqlite3.dll
C:\Users\Charlie\AppData\Local\Temp\_is1DBC.exe
C:\Users\Charlie\AppData\Local\Temp\_is9FF6.exe
C:\Users\Matt\AppData\Local\Temp\_is5FAC.exe
C:\Users\Matt\AppData\Local\Temp\_isC6D8.exe
C:\Users\Matt\AppData\Local\Temp\_isCC91.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-23 21:27

==================== End Of Log ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 19-01-2015
Ran by Charlie at 2015-01-23 22:00:04
Running from C:\Users\Charlie\Desktop\Scan tools
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Disabled - Out of date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Disabled - Out of date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton 360 (Disabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.7.186 - Adobe Systems Incorporated)
Acrobat.com (Version: 1.7.186 - Adobe Systems Incorporated) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0.1 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Acrobat 9 Pro (HKLM\...\{AC76BA86-1033-0000-7760-000000000004}{AC76BA86-1033-0000-7760-000000000004}) (Version: 9.5.5 - Adobe Systems)
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM\...\{AC76BA86-1033-0000-7760-000000000004}_955) (Version:  - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.2.8900 - Adobe Systems Inc.)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.2.602 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version:  3.0 - )
Akamai NetSession Interface (HKU\S-1-5-21-4037648563-725528539-2585004647-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Amazon MP3 Downloader 1.0.12 (HKLM\...\Amazon MP3 Downloader) (Version: 1.0.12 - Amazon Services LLC)
AnswerWorks 4.0 Runtime - English (HKLM\...\{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}) (Version: 4.0.101 - Vantage Software Technologies)
Anvi Browser Repair Tool (HKLM\...\Anvi Browser Repair Tool) (Version: 2.0 - Anvisoft)
AOL Toolbar (HKLM\...\AOL Toolbar) (Version:  - )
AOL Toolbar (HKU\S-1-5-21-4037648563-725528539-2585004647-1001\...\AOL Toolbar) (Version:  - )
AOL Uninstaller (Choose which Products to Remove) (HKLM\...\AOL Uninstaller) (Version:  - AOL Inc.)
AppCore (Version: 2.0.0.79 - Symantec Corporation) Hidden
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0 (HKLM\...\Audacity_is1) (Version:  - Audacity Team)
Autodesk 3ds Max 2010 32-bit (HKLM\...\{317AC0C7-FEBF-0409-87A3-4FC70D0ED900}) (Version: 12.0 - Autodesk)
Autodesk 3ds Max 2010 32-bit Components (HKLM\...\{60A08432-00DD-0409-AC2C-143C75460878}) (Version: 12.0 - Autodesk)
Autodesk 3ds Max 2010 Tutorials Files (HKLM\...\{E551D82D-4D56-4AF7-A2C9-8897D7A0CB00}) (Version: 12.0 - Autodesk)
Autodesk Backburner 2008.1 (HKLM\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2008.1.1 - Autodesk, Inc.)
Autodesk Design Review 2010 (HKLM\...\Autodesk Design Review 2010) (Version: 10.0.0.108 - Autodesk, Inc.)
Autodesk Design Review 2010 (Version: 10.0.0.108 - Autodesk, Inc.) Hidden
Autodesk FBX Plugin 2009.4 - 3ds Max 2010 (HKLM\...\Autodesk FBX Plugin 2009.4 - 3ds Max 2010) (Version:  - Autodesk)
Autodesk Revit Architecture 2010 (HKLM\...\Autodesk Revit Architecture 2010) (Version: 09.03.17211 - Autodesk, Inc.)
Autodesk Revit Architecture 2010 (Version: 09.03.17211 - Autodesk, Inc.) Hidden
Backup (Version: 1.0.0.382 - Symantec Corporation) Hidden
Battlefield 1942 (HKLM\...\{698D7E61-E4BF-4CA6-8A09-CF6BDBFDEF65}) (Version:  - )
Battlefield 1942: Secret Weapons of WWII (HKLM\...\{B73B4A99-4173-4747-BBEC-0F05E966F9D2}) (Version:  - )
Battlefield 1942: The Road To Rome (HKLM\...\{D057AA08-8CBF-42E3-9EAB-23B8FED1C279}) (Version:  - )
Bejeweled 2 Deluxe 1.1 (HKLM\...\Bejeweled 2 Deluxe 1.1) (Version: 1.1 - PopCap Games)
Belkin Network USB Hub Control Center (HKLM\...\Belkin Network USB Hub Control Center) (Version: 1.4.0 - Belkin International, Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Caesar 3 (HKLM\...\Caesar 3) (Version:  - )
Canon MX860 series User Registration (HKLM\...\Canon MX860 series User Registration) (Version:  - )
ccCommon (Version: 107.0.5.5 - Symantec) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DirectXInstallService (Version: 9.0.2 - Roxio) Hidden
DownloadTerms (HKU\S-1-5-21-4037648563-725528539-2585004647-1001\...\DownloadTerms) (Version: 1.0 - Unlimited Downloads, LLC) <==== ATTENTION
EasyMPEG MX (HKLM\...\{67421967-2CF9-4465-968D-D4E2ABB16A65}) (Version: 3.3.6.109 - DigitalView Video Studio)
EMC 10 Content (HKLM\...\{FDB46DE7-9045-47BB-970A-3E4ED5369E03}) (Version: 1.0.015 - Roxo, Inc.)
Empire Earth - The Art of Conquest (HKLM\...\{B49C924C-A651-4378-94F6-5D9BF44A959F}) (Version:  - )
Empire Earth (HKLM\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version:  - )
Empire Earth II (HKLM\...\{DF315348-721C-40B8-BAE2-58C6C7D935A2}) (Version: 1.0 - Sierra)
Enhanced Multimedia Keyboard Solution (HKLM\...\KBD) (Version:  - Hewlett-Packard)
FileZilla Client 3.10.0.2 (HKU\S-1-5-21-4037648563-725528539-2585004647-1001\...\FileZilla Client) (Version: 3.10.0.2 - Tim Kosse)
GearDrvs (Version: 1.00.0000 - GEAR Software) Hidden
GearDrvs (Version: 5.0.0.2 - Symantec Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.1536.6592 - Google Inc.)
Hardware Diagnostic Tools (HKLM\...\PC-Doctor 5 for Windows) (Version: 5.00.4558.05 - PC-Doctor, Inc.)
HP Advisor (HKLM\...\{73A43E42-3658-4DD9-8551-FACDA3632538}) (Version: 3.1.9152.3107 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}) (Version: 5.2.0.2296 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM\...\{40F7AED3-0C7D-4582-99F6-484A515C73F2}) (Version: 5.2.0.2304 - Hewlett-Packard)
HP Officejet Pro 8610 Basic Device Software (HKLM\...\{982EC692-AF53-4B66-B56C-5199DFC207E5}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Officejet Pro 8610 Help (HKLM\...\{F9569D00-4576-46C8-B6C7-207A4FD39745}) (Version: 32.0.0 - Hewlett Packard)
HP On-Screen Cap/Num/Scroll Lock Indicator (HKLM\...\OsdMaestro) (Version:  - Hewlett-Packard)
HP Photosmart Essential 2.01 (HKLM\...\HP Photosmart Essential) (Version: 2.01 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{79BD66B2-4DAE-4C3B-B08E-DC72E507C163}) (Version: 2.1.3.25 - Apple Inc.)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Intel® Viiv™ Software (HKLM\...\Intel® Configuration Center) (Version: 1.6.361.6 - Intel Corporation)
IP Camera (HKLM\...\IP Camera) (Version:  - )
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java DB 10.5.3.0 (HKLM\...\{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}) (Version: 10.5.3.0 - Sun Microsystems, Inc)
Java™ SE Development Kit 6 Update 23 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0160230}) (Version: 1.6.0.230 - Oracle)
LEGO Digital Designer (HKLM\...\New LEGO Digital Designer) (Version:  - LEGO A/S)
LightScribe  1.6.45.1 (Version: 1.6.45.1 - http://www.lightscribe.com) Hidden
LiveUpdate (Symantec Corporation) (HKLM\...\PsuedoLiveUpdate) (Version: 3.4.1.234 - Symantec Corporation)
LiveUpdate (Symantec Corporation) (Version: 3.4.1.238 - Symantec Corporation) Hidden
LiveUpdate 3.2 (Symantec Corporation) (HKLM\...\LiveUpdate) (Version: 3.3.0.45 - Symantec Corporation)
LiveUpdate Notice (Symantec Corporation) (HKLM\...\{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}) (Version: 1.4.5 - Symantec Corporation)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MathPlayer (HKLM\...\{32F66A20-7614-11D4-BD11-00104BD3F987}) (Version: 2.1d - Design Science, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}) (Version: 3.1.8.0 - Apple Inc.)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee autoProducer 6.0 (HKLM\...\{14AF024E-2E3B-49D0-A175-D1C1A06B155A}) (Version: 6.00.050 - muvee Technologies)
Muvic Smartbar (HKLM\...\{AA236AFD-B26E-4BC7-9A13-76BD5F9887AC}) (Version: 10.211.58.15493 - PinWid Ltd.) <==== ATTENTION
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: HPCMPQ1804 - WildTangent)
NETGEAR Print Server Software (HKLM\...\NETGEAR Print Server Software) (Version:  - )
Nike+ Utility (HKLM\...\{309C137D-66B4-491B-9D21-F03892DAFD93}) (Version: 1.00.0000 - NIKE, Inc.)
Norton 360 (Symantec Corporation) (HKLM\...\SymSetup.{2D617065-1C52-4240-B5BC-C0AE12157777}) (Version: 2.2.0.2 - Symantec Corporation)
Norton 360 (Version: 2.0.0.242 - Symantec Corporation) Hidden
Norton 360 (Version: 2.2.0.2 - Symantec Corporation) Hidden
Norton 360 HTMLHelp (Version: 2.0.0.175 - Symantec Corporation) Hidden
Norton Confidential Core (Version: 2.6.0.3 - Symantec Corporation) Hidden
NVIDIA Graphics Driver 314.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 314.07 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Origin (HKLM\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
PHOTOfunSTUDIO -viewer- (HKLM\...\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}) (Version: 2.00.000 - Panasonic)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.6 - Google, Inc.)
Product Improvement Study for HP Officejet Pro 8610 (HKLM\...\{159FEB97-8A7B-446E-AEBF-DDC026561F1D}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
PSSWCORE (Version: 2.01.0000 - Hewlett-Packard) Hidden
Python 2.5 (HKLM\...\{0A2C5854-557E-48C8-835A-3B9F074BDCAA}) (Version: 2.5.150 - Martin v. Löwis)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5789 - Realtek Semiconductor Corp.)
RegistryBooster (HKLM\...\{E55B3271-7CA8-4D0C-AE06-69A24856E997}_is1) (Version: 6.1.4.0 - Uniblue Systems Limited)
Rhapsody (HKLM\...\Rhapsody) (Version:  - )
Rhapsody Player Engine (HKLM\...\{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}) (Version: 1.1.0 - RealNetworks)
Rhapsody Player Engine (HKLM\...\{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}) (Version: 1.0.604 - RealNetworks)
RTC Client API v1.2 (HKLM\...\{44CDBD1B-89FB-4E02-8319-2A4C550F664A}) (Version: 1.2.0000 - Microsoft)
Ruby 1.8.7-p249 (HKU\S-1-5-21-4037648563-725528539-2585004647-1001\...\{F6377277-9DF1-4a1f-A487-CB5D34DCD793}_is1) (Version: 1.8.7-p249 - RubyInstaller Team)
Ruby-186-26 (HKLM\...\Ruby-186-26) (Version: 1.8.6-26 - rubyinstaller.rubyforge.org)
Safari (HKLM\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SimCity 4 Deluxe (HKLM\...\{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}) (Version:  - )
SimCity™ (HKLM\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 1.0.0.0 - Electronic Arts)
Skype Toolbars (HKLM\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartSound Quicktracks Plugin (HKLM\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.8.0 - SmartSound Software Inc)
SmartSound Quicktracks Plugin (Version: 3.0.8.0 - SmartSound Software Inc) Hidden
Snapfish Picture Mover (HKLM\...\{029B5901-1F27-4347-9923-E8ACC8F54E15}) (Version: 1.9.0.16 - HP Snapfish)
Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1) (Version: 7.74.00 - Conexant Systems)
Software Suite (HKLM\...\{497A1721-088F-41EF-8876-B43C9DA5528B}) (Version:  - ArcSoft)
Sony USB Driver (HKLM\...\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}) (Version:  - )
SPBBC 32bit (Version: 4.1.0.15 - Symantec Corporation) Hidden
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
SuperPower (HKLM\...\InstallShield_{0113246A-405B-A6B4-592B-7FAEBD70558D}) (Version: 1.10.0000 - Dreamcatcher)
SuperPower (Version: 1.10.0000 - Dreamcatcher) Hidden
Symantec Real Time Storage Protection Component (Version: 10.2.3.9 - Symantec Corporation) Hidden
Symantec Technical Support Controls (Version: 3.5.3 - Symantec Corporation) Hidden
SymNet (Version: 8.0.3.4 - Symantec Corporation) Hidden
System Requirements Lab for Intel (HKLM\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
Timer Software (HKLM\...\{1F9EB8D8-D9EA-4F94-8272-614B9EF1A00B}) (Version: 1.0.151 - Smarthome)
TurboTax 2013 (HKLM\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
Uniblue SystemTweaker (HKLM\...\{DBB1F4ED-3212-4F58-A427-9C01DE4A24A5}_is1) (Version:  - Uniblue Systems Ltd)
Unity Web Player (All users) (HKLM\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
VideoToolkit01 (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Virtools 3D Life Player (HKLM\...\Virtools3DLifePlayer) (Version: 4.0.0.x - Virtools)
Visual Slideshow (HKLM\...\Visual Slideshow) (Version:  - )
WeatherBug FX (HKU\S-1-5-21-4037648563-725528539-2585004647-1001\...\2f986d02635a2a02) (Version: 1.3.0.0 - WeatherBug)
WeatherBug Gadget (Version: 1.0.0.6 - AWS Convergence Technologies) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Yahoo! Detect (HKLM\...\YTdetect) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4037648563-725528539-2585004647-1001_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-4037648563-725528539-2585004647-1001_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-4037648563-725528539-2585004647-1001_Classes\CLSID\{7629C9DE-2E38-4963-A01C-02FFAC203D87}\InprocServer32 -> C:\Program Files\AOL Desktop 9.7\axtrack.dll (AOL Inc.)
CustomCLSID: HKU\S-1-5-21-4037648563-725528539-2585004647-1001_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-4037648563-725528539-2585004647-1001_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-4037648563-725528539-2585004647-1001_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-4037648563-725528539-2585004647-1001_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-4037648563-725528539-2585004647-1007_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-4037648563-725528539-2585004647-1007_Classes\CLSID\{1853e19a-4e54-4190-8deb-2e1cc947cd60}\InprocServer32 -> C:\Program Files\AOL 9.0\axtrack.dll (AOL, LLC.)
CustomCLSID: HKU\S-1-5-21-4037648563-725528539-2585004647-1007_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-4037648563-725528539-2585004647-1007_Classes\CLSID\{7629C9DE-2E38-4963-A01C-02FFAC203D87}\InprocServer32 -> C:\Program Files\AOL 9.0\axtrack.dll (AOL, LLC.)
CustomCLSID: HKU\S-1-5-21-4037648563-725528539-2585004647-1007_Classes\CLSID\{B9F3009B-976B-41C4-A992-229DCCF3367C}\InprocServer32 -> C:\Program Files\AOL 9.0\axtrack.dll (AOL, LLC.)
CustomCLSID: HKU\S-1-5-21-4037648563-725528539-2585004647-1007_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-4037648563-725528539-2585004647-1007_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-4037648563-725528539-2585004647-1007_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-4037648563-725528539-2585004647-1007_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> No File Path

==================== Restore Points  =========================

20-12-2014 16:35:58 Scheduled Checkpoint
28-12-2014 17:08:23 Windows Update
02-01-2015 11:35:55 Windows Update
06-01-2015 18:51:42 Windows Update
08-01-2015 12:48:32 Scheduled Checkpoint
10-01-2015 10:39:02 Windows Update
11-01-2015 00:00:10 Scheduled Checkpoint
18-01-2015 10:59:00 Windows Update
19-01-2015 16:38:05 Windows Update
21-01-2015 21:00:26 Windows Update
21-01-2015 21:25:08 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 05:23 - 2014-03-01 13:06 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {07CD7E45-DEE8-48F9-9513-1AC3D684EC2F} - System32\Tasks\{61470ABB-751F-4A17-A1D9-073A586C4DA3} => pcalua.exe -a C:\Users\Charlie\AppData\Local\Temp\Temp3_wgps606_software_2_0.zip\Setup.exe
Task: {17CE6737-45B2-4B15-A82D-E4678022E2BD} - System32\Tasks\JavaUpdateMatt => C:\Windows\system32\jusched.exe
Task: {3CD457E8-A79D-4E48-B1AF-2D6122AAD332} - System32\Tasks\{7C0DE333-A718-4D55-8A4B-1FD4A49DBF2A} => pcalua.exe -a "C:\Users\Charlie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YWN7K3TN\USBDRVEN[1].EXE" -d C:\Users\Charlie
Task: {3DDEC1DF-ADD0-4F14-B037-6D1CD97C2F09} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {4E81B3A7-C298-42B7-867F-F41A34473318} - System32\Tasks\{5C4DFA82-A074-43E4-86DF-25F190FFB033} => pcalua.exe -a "C:\Users\Charlie\Desktop\Easy CD Creator 10\RoxioContentCDv10_SQA.exe" -d "C:\Users\Charlie\Desktop\Easy CD Creator 10"
Task: {5438105D-E2C1-48D3-B5FD-48A0A0097AEE} - System32\Tasks\JavaUpdateAdministrator => C:\Windows\system32\jusched.exe
Task: {716E3A09-1757-4EA3-90CA-F2501AB1B13B} - System32\Tasks\JavaUpdateAnn => C:\Windows\system32\jusched.exe
Task: {72F15127-D6CD-488B-B4F2-B6CC9E191386} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-08] (Adobe Systems Incorporated)
Task: {85E601A4-880E-49E6-9DF0-4AFF06221232} - System32\Tasks\{F397A2F3-00E9-4B0C-92AD-B7439CE40535} => pcalua.exe -a E:\Setup_CD1.exe -d E:\
Task: {9243C419-CA2A-4F89-BC87-2DBD0205A2DC} - System32\Tasks\HPCustParticipation HP Officejet Pro 8610 => C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {C2DB142F-0969-4981-8FF3-4132889C324D} - System32\Tasks\{2039918D-FC14-4BFB-80BB-AC0810F21B4B} => C:\Program Files\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {C71F9A2A-4A38-49D7-82AF-62797C14C7A2} - System32\Tasks\{9AAC34A4-AB8C-4417-B94A-C0C60DA8D93F} => pcalua.exe -a "C:\Users\Charlie\Desktop\WGPS606 Software and Doc\wgps606_software_2_0\Setup.exe" -d "C:\Users\Charlie\Desktop\WGPS606 Software and Doc\wgps606_software_2_0"
Task: {C7DA0337-1E49-4B46-8DEB-F3CF85AB5E77} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C8A8F98B-1FE1-4177-B2C3-07AFBA8897D8} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {D01D546E-7577-4D96-A684-5852392160E9} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16] (Hewlett-Packard)
Task: {D9DE4A39-4380-496D-8B2B-969210344B3C} - System32\Tasks\JavaUpdateAJ => C:\Windows\system32\jusched.exe
Task: {DD62A1F7-F61B-4081-BD92-61A596BA18B9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {E0EE94BC-2F54-4919-944F-86BF1D85EA8D} - System32\Tasks\JavaUpdateCharlie => C:\Windows\system32\jusched.exe
Task: {F0DE3B46-DB64-4C6E-B9A2-8E4EA35983D2} - System32\Tasks\RegistryBooster Maintenance => C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RegistryBooster Maintenance.job => C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe

==================== Loaded Modules (whitelisted) =============

2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2006-09-03 12:32 - 2006-09-03 12:32 - 00208896 _____ () C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
2009-03-12 17:36 - 2009-03-12 17:36 - 00086016 _____ () C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-01-16 10:34 - 2015-01-16 10:34 - 00039200 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2014-05-24 11:41 - 2014-05-24 11:41 - 00091648 _____ () C:\Program Files\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 11:41 - 2014-05-24 11:41 - 00892416 _____ () C:\Program Files\FileZilla FTP Client\libstdc++-6.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\AJ\Desktop\bon anniversaire andrew matt mirina .AVI:TOC.WMV
AlternateDataStreams: C:\Users\AJ\Desktop\drill press vid.avi:TOC.WMV
AlternateDataStreams: C:\Users\AJ\Desktop\woodhouse1.avi:TOC.WMV
AlternateDataStreams: C:\ProgramData\TEMP:7838B9E0
AlternateDataStreams: C:\Users\Matt\Documents\DSCF0003.JPG:Roxio EMC Stream
AlternateDataStreams: C:\Users\Matt\Documents\DSCF0004.JPG:Roxio EMC Stream
AlternateDataStreams: C:\Users\Matt\Documents\DSCF0007.JPG:Roxio EMC Stream
AlternateDataStreams: C:\Users\Matt\Documents\Econ Project.dmsd:Roxio EMC Stream
AlternateDataStreams: C:\Users\Matt\Documents\IMG_0002.JPG:Roxio EMC Stream
AlternateDataStreams: C:\Users\Matt\Documents\IMG_0019.JPG:Roxio EMC Stream

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Charlie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupreg: HPAdvisor => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY
MSCONFIG\startupreg: hpsysdrv => c:\hp\support\hpsysdrv.exe
MSCONFIG\startupreg: KBD => C:\HP\KBD\KbdStub.EXE
MSCONFIG\startupreg: RegistryBooster => "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-4037648563-725528539-2585004647-500 - Administrator - Disabled)
AJ (S-1-5-21-4037648563-725528539-2585004647-1004 - Limited - Enabled) => C:\Users\AJ
Ann (S-1-5-21-4037648563-725528539-2585004647-1002 - Limited - Enabled) => C:\Users\Ann
Charlie (S-1-5-21-4037648563-725528539-2585004647-1001 - Administrator - Enabled) => C:\Users\Charlie
Guest (S-1-5-21-4037648563-725528539-2585004647-501 - Limited - Disabled)
IUSR_NMPR (S-1-5-21-4037648563-725528539-2585004647-1000 - Limited - Enabled) => C:\Users\IUSR_NMPR
Matt (S-1-5-21-4037648563-725528539-2585004647-1003 - Limited - Enabled) => C:\Users\Matt
UpdatusUser (S-1-5-21-4037648563-725528539-2585004647-1007 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/23/2015 08:57:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp 0x49e01da5, faulting module SHELL32.dll, version 6.0.6002.19070, time stamp 0x533183ed, exception code 0xc0000005, fault offset 0x0014a3de,
process id 0x890, application start time 0xExplorer.EXE0.

Error: (01/23/2015 08:43:26 PM) (Source: MsiInstaller) (EventID: 11704) (User: Woodys-PC)
Description: Product: Java™ SE Development Kit 6 Update 23 -- Error 1704.An installation for Microsoft .NET Framework 4.5.2 is currently suspended.  You must undo the changes made by that installation to continue.  Do you want to undo those changes?

Error: (01/23/2015 08:42:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16599, time stamp 0x5473964b, faulting module IEFRAME.dll, version 9.0.8112.16599, time stamp 0x547396ec, exception code 0xc0000005, fault offset 0x001a8290,
process id 0x1490, application start time 0xiexplore.exe0.

Error: (01/23/2015 08:39:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application IntuitUpdateService.exe, version 4.0.9.0, time stamp 0x51c36c08, faulting module clr.dll, version 4.0.30319.34209, time stamp 0x5348961e, exception code 0x80131506, fault offset 0x002db2d2,
process id 0x%9, application start time 0xIntuitUpdateService.exe0.

Error: (01/23/2015 08:39:20 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Application: IntuitUpdateService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an internal error in the .NET Runtime at IP 6300B2D2 (62D30000) with exit code 80131506.

Error: (01/23/2015 06:15:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application IntuitUpdateService.exe, version 4.0.9.0, time stamp 0x51c36c08, faulting module clr.dll, version 4.0.30319.34209, time stamp 0x5348961e, exception code 0x80131506, fault offset 0x002db2d2,
process id 0x%9, application start time 0xIntuitUpdateService.exe0.

Error: (01/23/2015 06:15:23 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Application: IntuitUpdateService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an internal error in the .NET Runtime at IP 603FB2D2 (60120000) with exit code 80131506.

Error: (01/23/2015 06:04:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application IntuitUpdateService.exe, version 4.0.9.0, time stamp 0x51c36c08, faulting module clr.dll, version 4.0.30319.34209, time stamp 0x5348961e, exception code 0x80131506, fault offset 0x002db2d2,
process id 0x%9, application start time 0xIntuitUpdateService.exe0.

Error: (01/23/2015 06:04:45 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Application: IntuitUpdateService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an internal error in the .NET Runtime at IP 610CB2D2 (60DF0000) with exit code 80131506.

Error: (01/23/2015 05:47:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16599, time stamp 0x5473964b, faulting module IEFRAME.dll, version 9.0.8112.16599, time stamp 0x547396ec, exception code 0xc0000005, fault offset 0x001a8290,
process id 0x1274, application start time 0xiexplore.exe0.

System errors:
=============
Error: (01/23/2015 09:24:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: HP Health Check Service%%1053

Error: (01/23/2015 09:24:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000HP Health Check Service

Error: (01/23/2015 09:23:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Intel® Remoting ServiceIntel® Application Tracker%%2343419631

Error: (01/23/2015 09:23:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Intel® Application Tracker%%2343419631

Error: (01/23/2015 09:23:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Intel® Viiv™ Media ServerIntel® Software Services Manager%%2343419631

Error: (01/23/2015 09:23:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Intel® Software Services Manager%%2343419631

Error: (01/23/2015 09:23:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Symantec Lic NetConnect service

Error: (01/23/2015 09:23:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (01/23/2015 09:23:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000LiveUpdate Notice

Error: (01/23/2015 09:23:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Symantec Settings Manager

Microsoft Office Sessions:
=========================
Error: (01/23/2015 08:57:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.0.6002.1800549e01da5SHELL32.dll6.0.6002.19070533183edc00000050014a3de89001d03777b268d097

Error: (01/23/2015 08:43:26 PM) (Source: MsiInstaller) (EventID: 11704) (User: Woodys-PC)
Description: Product: Java™ SE Development Kit 6 Update 23 -- Error 1704.An installation for Microsoft .NET Framework 4.5.2 is currently suspended.  You must undo the changes made by that installation to continue.  Do you want to undo those changes?(NULL)(NULL)(NULL)(NULL)

Error: (01/23/2015 08:42:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.165995473964bIEFRAME.dll9.0.8112.16599547396ecc0000005001a8290149001d03776a997a9bc

Error: (01/23/2015 08:39:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IntuitUpdateService.exe4.0.9.051c36c08clr.dll4.0.30319.342095348961e80131506002db2d2

Error: (01/23/2015 08:39:20 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Application: IntuitUpdateService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an internal error in the .NET Runtime at IP 6300B2D2 (62D30000) with exit code 80131506.

Error: (01/23/2015 06:15:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IntuitUpdateService.exe4.0.9.051c36c08clr.dll4.0.30319.342095348961e80131506002db2d2

Error: (01/23/2015 06:15:23 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Application: IntuitUpdateService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an internal error in the .NET Runtime at IP 603FB2D2 (60120000) with exit code 80131506.

Error: (01/23/2015 06:04:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IntuitUpdateService.exe4.0.9.051c36c08clr.dll4.0.30319.342095348961e80131506002db2d2

Error: (01/23/2015 06:04:45 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Application: IntuitUpdateService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an internal error in the .NET Runtime at IP 610CB2D2 (60DF0000) with exit code 80131506.

Error: (01/23/2015 05:47:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.165995473964bIEFRAME.dll9.0.8112.16599547396ecc0000005001a8290127401d0375e9a202753

CodeIntegrity Errors:
===================================
  Date: 2015-01-23 21:58:40.671
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-23 21:58:40.313
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-23 21:58:39.949
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-23 21:58:39.581
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-23 21:34:38.651
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-23 21:34:38.190
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-23 21:34:37.778
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-23 21:34:37.368
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-23 21:22:08.901
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-01-23 21:22:08.371
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU E4500 @ 2.20GHz
Percentage of memory in use: 56%
Total physical RAM: 2045.76 MB
Available physical RAM: 891.25 MB
Total Pagefile: 4334.78 MB
Available Pagefile: 2937.89 MB
Total Virtual: 2047.88 MB
Available Virtual: 1902.53 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:289.17 GB) (Free:30.01 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:8.92 GB) (Free:1.22 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive m: () (Removable) (Total:0.96 GB) (Free:0.44 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=289.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=8.9 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 980 MB) (Disk ID: 6F20736B)
No partition Table on disk 5.
Disk 5 is a removable device.

==================== End Of Log ============================

 



BC AdBot (Login to Remove)

 


#2 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,030 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:05:18 PM

Posted 25 January 2015 - 02:23 PM

Hey, :)

Step 1: Adwarecleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1
  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP the just run it)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on screen prompts
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
Note: The log can also be found in here: C:\AdwCleaner\

Step 2: Malwarebytes

Please download Malwarebytes Anti-Malware to your desktop Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

MBAMsettings.JPG

Go back to the Dashboard and select Scan Now

MBAMScan.JPG

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

MBAMReboot.JPG

MBAMLog.JPG

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Attach/Post that log

Step 3: Junkware Removal Tool

thisisujrt.gif  Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 4: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#3 wcharliew

wcharliew
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:18 PM

Posted 25 January 2015 - 04:13 PM

Thanks for your recommendations. I implemented the process you recommended process and I'm back on line.

#4 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,030 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:05:18 PM

Posted 26 January 2015 - 10:35 AM

OK :)

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#5 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,030 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:05:18 PM

Posted 30 January 2015 - 02:36 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users