Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Don't Know What is Wrong.


  • This topic is locked This topic is locked
2 replies to this topic

#1 brokencomputerchamp

brokencomputerchamp

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:47 AM

Posted 14 April 2015 - 06:35 PM

Hi. I'm new to bleeping computer and I really need help with removing all the viruses I have. I havea windows xp, dell dimension 2400, with windows 7 software.

I ran farar scanner

 

Here are the logs:

 

hi. I'm new to bleeping computer. I was hoping that someone may be able to fix my computer. It's filled with viruses.

 

Here are the logs to frabar scanner:

 

Failed to access process -> SASCore.exe
Failed to access process -> svchost.exe
Failed to access process -> sppsvc.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
() C:\Program Files\Improv Electronics\Sync VDC\VDC.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
Failed to access process -> SearchIndexer.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
Failed to access process -> svchost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\realplay.exe
Failed to access process -> wmpnetwk.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_16_0_0_296_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
Failed to access process -> WmiPrvSE.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\update\realsched.exe [296096 2012-09-22] (RealNetworks, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxsrvc.dll (Intel Corporation)
HKU\S-1-5-21-1992712658-3633688082-2664566983-1007\...\Run: [SUPERAntiSpyware] => C:\Program Files

 

 

 

13:30:40
Running from C:\Users\SRT Transfer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8Z6XOALT
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
ASIO4ALL (HKLM\...\ASIO4ALL) (Version: - )
Bandicam (HKLM\...\Bandicam) (Version: 2.0.3.674 - Bandisoft.com)
BCM V.92 56K Modem (HKLM\...\BCM V.92 56K Modem) (Version: - )
Collab (HKLM\...\Collab) (Version: - Image-Line bvba)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
FL Studio 9 (HKLM\...\FL Studio 9) (Version: - Image-Line)
GIMP 2.6.12-2 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.12 - The GIMP Team)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM\...\{B9082609-19CD-3D8D-B53C-E1F0D3F409E3}) (Version: 65.223.114 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Hardcore (HKLM\...\Hardcore) (Version: - Image-Line)
IL Download Manager (HKLM\...\IL Download Manager) (Version: - Image-Line)
Intel® Extreme Graphics Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: - )
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Macromedia Fireworks MX 2004 (HKLM\...\{E583ED6F-BD99-4066-A420-C815BF692B69}) (Version: 7 - Macromedia)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.2 - NETGEAR)
OpenOffice.org 3.4.1 (HKLM\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)
PE Explorer 1.99 R6 (HKLM\...\PE Explorer_is1) (Version: 1.99.6 - Heaventools Software)
PoiZone (HKLM\...\PoiZone) (Version: - Image-Line)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Resource Tuner 2.01 (HKLM\...\Resource Tuner_is1) (Version: 2.01 - Heaventools Software)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Sawer (HKLM\...\Sawer) (Version: - Image-Line)
Skype™ 6.7 (HKLM\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.7.102 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1186 - SUPERAntiSpyware.com)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Sync VDC (HKLM\...\{29B48C94-4C23-4732-8214-D66FF0C3AFF4}) (Version: 0.9.210 - Improv Electronics)
Toxic Biohazard (HKLM\...\Toxic Biohazard) (Version: - Image-Line)
Tweaking.com - Simple System Tweaker (HKLM\...\Tweaking.com - Simple System Tweaker) (Version: 2.1.0 - Tweaking.com)
Tweaking.com - Windows Repair (All in One) (HKLM\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.9.0 - Tweaking.com)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled.
Check "winmgmt" service or repair WMI.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:04 - 2014-10-02 10:24 - 00000768 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\ReclaimerUpdateFiles_SRT15.job =>
Task: C:\Windows\Tasks\ReclaimerUpdateXML_SRT15.job =>
Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_SRT15.job =>
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 34e508a9-aeae-4fb1-8fa2-a1d4315d2b7e.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 45647ab3-9897-4623-9e19-879b934d4155.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d38a41dc-3ff1-4eba-9bb9-698910b1af66.job =>

==================== Loaded Modules (whitelisted) ==============

2014-05-08 16:02 - 2014-05-08 16:02 - 00719360 _____ () C:\Program Files\Improv Electronics\Sync VDC\VDC.exe
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1992712658-3633688082-2664566983-1007\Control Panel\Desktop\\Wallpaper ->
DNS Servers: Media is not connected to internet.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== Accounts: =============================

Administrator (S-1-5-21-1992712658-3633688082-2664566983-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1992712658-3633688082-2664566983-1002 - Limited - Enabled)
Guest (S-1-5-21-1992712658-3633688082-2664566983-501 - Limited - Disabled) => C:\Users\Guest
SRT 18 (S-1-5-21-1992712658-3633688082-2664566983-1003 - Administrator - Enabled) => C:\Users\SRT 18
SRT Allow (S-1-5-21-1992712658-3633688082-2664566983-1008 - Administrator - Enabled) => C:\Users\SRT Allow
SRT NT Base (S-1-5-21-1992712658-3633688082-2664566983-1006 - Administrator - Enabled)
SRT Transfer (S-1-5-21-1992712658-3633688082-2664566983-1007 - Limited - Enabled) => C:\Users\SRT Transfer
SRT15 (S-1-5-21-1992712658-3633688082-2664566983-1000 - Administrator - Enabled) => C:\Users\SRT15
SRTBase (S-1-5-21-1992712658-3633688082-2664566983-1004 - Administrator - Enabled) => C:\Users\SRTBase
Temp (S-1-5-21-1992712658-3633688082-2664566983-1009 - Limited - Enabled) => C:\Users\Temp

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (04/13/2015 00:17:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/13/2015 00:17:06 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (03/31/2015 00:54:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/31/2015 00:54:24 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (03/30/2015 10:39:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/30/2015 10:39:45 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (03/26/2015 10:09:26 AM) (Source: MsiInstaller) (EventID: 11500) (User: RT15)
Description: Product: Sync VDC -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.

Error: (03/26/2015 10:09:25 AM) (Source: MsiInstaller) (EventID: 11500) (User: RT15)
Description: Product: Sync VDC -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.

Error: (03/26/2015 10:09:07 AM) (Source: MsiInstaller) (EventID: 11500) (User: RT15)
Description: Product: Sync VDC -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.

Error: (03/26/2015 10:09:06 AM) (Source: MsiInstaller) (EventID: 11500) (User: RT15)
Description: Product: Sync VDC -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.

System errors:
=============
Error: (04/14/2015 11:02:23 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (04/14/2015 11:02:23 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (04/14/2015 10:16:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2

Error: (04/14/2015 10:14:47 AM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}2{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (04/14/2015 10:14:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly. It has done this 1 time(s).

Error: (04/14/2015 10:14:32 AM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}2{ECF5BF46-E3B6-449A-B56B-43F58F867814}

Error: (04/14/2015 10:14:32 AM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}2{56EA1054-1959-467F-BE3B-A2A787C4B6EA}

Error: (04/14/2015 10:14:21 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error:
%%126

Error: (04/14/2015 10:14:21 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Remote Access Connection Manager service terminated with the following error:
%%126

Error: (04/14/2015 10:14:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMScheduler service failed to start due to the following error:
%%1053

Microsoft Office Sessions:
=========================
Error: (04/13/2015 00:17:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\NETGEAR\WNA3100\WPSAgt64.exe

Error: (04/13/2015 00:17:06 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*c:\program files\spybot - search & destroy\DelZip179.dllc:\program files\spybot - search & destroy\DelZip179.dll8

Error: (03/31/2015 00:54:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\NETGEAR\WNA3100\WPSAgt64.exe

Error: (03/31/2015 00:54:24 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*c:\program files\spybot - search & destroy\DelZip179.dllc:\program files\spybot - search & destroy\DelZip179.dll8

Error: (03/30/2015 10:39:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\NETGEAR\WNA3100\WPSAgt64.exe

Error: (03/30/2015 10:39:45 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*c:\program files\spybot - search & destroy\DelZip179.dllc:\program files\spybot - search & destroy\DelZip179.dll8

Error: (03/26/2015 10:09:26 AM) (Source: MsiInstaller) (EventID: 11500) (User: RT15)
Description: Product: Sync VDC -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/26/2015 10:09:25 AM) (Source: MsiInstaller) (EventID: 11500) (User: RT15)
Description: Product: Sync VDC -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/26/2015 10:09:07 AM) (Source: MsiInstaller) (EventID: 11500) (User: RT15)
Description: Product: Sync VDC -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/26/2015 10:09:06 AM) (Source: MsiInstaller) (EventID: 11500) (User: RT15)
Description: Product: Sync VDC -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)(NULL)

==================== Memory info ===========================

Processor: Intel® Pentium® 4 CPU 2.80GHz
Percentage of memory in use: 97%
Total physical RAM: 1022.07 MB
Available physical RAM: 29.65 MB
Total Pagefile: 2046.07 MB
Available Pagefile: 460.23 MB
Total Virtual: 2047.88 MB
Available Virtual: 1893.2 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.47 GB) (Free:25.31 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

==================== End Of Log ============================

 

 

 

Here is scan #2:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-04-2015
Ran by SRT Transfer (ATTENTION: The logged in user is not administrator) on RT15 on 14-04-2015 13:42:18
Running from C:\Users\SRT Transfer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8Z6XOALT
Loaded Profiles: SRT Transfer (Available profiles: SRT15 & SRT 18 & SRTBase & SRT Transfer & SRT Allow & Temp & Guest)
Platform: Microsoft Windows 7 Ultimate (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> wininit.exe
Failed to access process -> csrss.exe
Failed to access process -> winlogon.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> lsm.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> spoolsv.exe
Failed to access process -> svchost.exe
Failed to access process -> SASCore.exe
Failed to access process -> svchost.exe
Failed to access process -> sppsvc.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
() C:\Program Files\Improv Electronics\Sync VDC\VDC.exe
Failed to access process -> SearchIndexer.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
Failed to access process -> svchost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
Failed to access process -> wmpnetwk.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\update\realsched.exe [296096 2012-09-22] (RealNetworks, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxsrvc.dll (Intel Corporation)
HKU\S-1-5-21-1992712658-3633688082-2664566983-1007\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6718744 2015-03-25] (SUPERAntiSpyware)
HKU\S-1-5-21-1992712658-3633688082-2664566983-1007\...\Run: [Boogie Board Sync] => C:\Program Files\Improv Electronics\Sync VDC\VDC.exe [719360 2014-05-08] ()
HKU\S-1-5-21-1992712658-3633688082-2664566983-1007\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_16_0_0_296_ActiveX.exe [960688 2015-01-30] (Adobe Systems Incorporated)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-04-10] (Microsoft Corporation)
Startup: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:InPrivate
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1992712658-3633688082-2664566983-1007\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-1992712658-3633688082-2664566983-1007\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-09-22] (RealPlayer)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.6.14 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2012-09-22] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.6.14 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll [2012-09-22] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-09-22] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-09-22] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.6.14 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2012-09-22] (RealPlayer)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-13] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-13] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [50072fabac0c8@50072fabac101.info] - C:\Users\SRT15\AppData\Roaming\Mozilla\Firefox\Profiles\oajoqbt2.default\extensions\50072fabac0c8@50072fabac101.info
FF HKLM\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-09-22]

Chrome:
=======
CHR Profile: C:\Users\SRT Transfer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\SRT Transfer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-05]
CHR Extension: (Google Drive) - C:\Users\SRT Transfer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-05]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\SRT Transfer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-10]
CHR Extension: (YouTube) - C:\Users\SRT Transfer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-05]
CHR Extension: (Google Search) - C:\Users\SRT Transfer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-05]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\SRT Transfer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-10-05]
CHR Extension: (Google Wallet) - C:\Users\SRT Transfer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-05]
CHR Extension: (Gmail) - C:\Users\SRT Transfer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-05]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-09-22]
CHR HKLM\...\Chrome\Extension: [linekaddldfhglilpblhfnaamnpflplp] - C:\ProgramData\Codecv\linekaddldfhglilpblhfnaamnpflplp.crx [Not Found]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com)
R2 lmhosts; C:\Windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
S3 Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2014-11-06] () [File not signed]
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
S0 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1343400 2012-06-27] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
S2 WSWNA3100; C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe [307928 2013-11-11] ()
S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 RasAuto; 0 [X]
S3 RasMan; 0 [X]
S4 RemoteAccess; 0 [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ac97intc; C:\Windows\System32\drivers\ac97intc.sys [108032 2008-01-19] (Intel Corporation)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-08-11] (AVG Technologies)
S3 BCMH43XX; C:\Windows\System32\DRIVERS\bcmwlhigh6.sys [1093888 2011-12-12] (Broadcom Corporation)
R3 BCMModem; C:\Windows\System32\DRIVERS\BCMSM.sys [1101696 2003-08-29] (Broadcom Corporation)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [75480 2014-10-06] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2015-03-31] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [21472 2011-07-22] (Windows ® Win 7 DDK provider)
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2012-03-26] (AnchorFree Inc)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [34808 2014-10-19] ()

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys 6D2ACA41739BFE8CB86EE8E85F29697D
C:\Windows\System32\drivers\ac97intc.sys 4B56CAAFED0B0B996341D74CE0E76565
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys ==> MD5 is legit
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\djsvs.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys ==> MD5 is legit
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\system32\drivers\avgtpx86.sys D15D2E9F5567075740B88F16F01810D6
C:\Windows\system32\DRIVERS\bxvbdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60x.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bcm4sbxp.sys 82DD21BFA8BBE0A3A3833A1BD8E86158
C:\Windows\System32\DRIVERS\bcmwlhigh6.sys B172E759651C4FBD77C009F8E1571EB3
C:\Windows\System32\DRIVERS\BCMSM.sys 41347688046D49CDE0F6D138A534F73D
C:\Windows\system32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bridge.sys 77361D72A04F18809D0EFB6CCEB74D4B
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys DB5E008B3744DD60C8498CBBF2A1CFA6
C:\Windows\system32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\evbdx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\system32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\system32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\flpydisk.sys ==> MD5 is legitB
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Fs_Rec.sys 500A9814FD9446A8126858A5A7F7D273
C:\Windows\System32\DRIVERS\fvevol.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ialmnt5.sys 44B7D5A4F2BD9FE21AEA0BB0BACE38C4
C:\Windows\system32\drivers\iaStorV.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 52FC17C8589F11747D01D3CF592673D0
C:\Windows\System32\Drivers\ksecpkg.sys 3E5474B03568CFAB834DA3C38E8C9EFA
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mbamchameleon.sys EA6FC4074EB53342249CCE7DAE9F3A85
C:\Windows\system32\drivers\mbam.sys 8683C1B450F4B3872839308D836E0F92
C:\Windows\system32\drivers\MBAMSwissArmy.sys 12E71DA845D76665B56753AD149E32B3
C:\Windows\system32\drivers\mwac.sys BD27D97297934FD4217A37FD28A7ABC7
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\system32\drivers\mouclass.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb10.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb20.sys ==> MD5 is legit
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\system32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\system32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\system32\Drivers\Ntfs.sys A8F59428E9F361C7AC42A94AC1560BC9
C:\Windows\system32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys 66D3415C159741ADE7038A277EFFF99F
C:\Windows\System32\DRIVERS\parvdm.sys ==> MD5 is legit
C:\Windows\System32\drivers\pci.sys C858CB77C577780ECC456A892E7E7D0F
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys 835D7E81BF517A3B72384BDCC85E1CE6
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys 1E016846895B15A99F9A176A05029075
C:\Windows\System32\drivers\rdpdr.sys C5FF95883FFEF704D50C40D21CFB3AB5
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\system32\Drivers\RDPWD.sys C5B8D47A4688DE9D335204EA757C2240
C:\Windows\System32\drivers\rdyboost.sys 4EA225BF1CF05E158853F30A99CA29A7
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\vms3cap.sys 5423D8437051E89DD34749F242C98648
C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS 39763504067962108505BFF25F024345
C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS 77B9FC20084B48408AD3E87570EB4A85
C:\Windows\system32\drivers\sbp2port.sys 34EE0C44B724E3E4CE2EFF29126DE5B5
C:\Windows\System32\DRIVERS\scfilter.sys A95C54B2AC3CC9C73FCDF9E51A1D6B51
C:\Windows\System32\DRIVERS\scmndisp.sys 46FB343BA8538009D5A24B110E8C7724
C:\Windows\system32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys A0708BBD07D245C06FF9DE549CA47185
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\system32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys C4A027B8C0BD3FC0699F41FA5E9E0C87
C:\Windows\System32\DRIVERS\srv2.sys 414BB592CAD8A79649D01F9D94318FB3
C:\Windows\System32\DRIVERS\srvnet.sys FF207D67700AA18242AAF985D3E7D8F4
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys 957E346CA948668F2496A6CCF6FF82CC
C:\Windows\system32\drivers\storvsc.sys D5751969DC3E4B88BF482AC8EC9FE019
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\taphss.sys 0C3B2A9C4BD2DD9A6C2E4084314DD719
C:\Windows\System32\drivers\tcpip.sys BBCEAEFF1FD72A026F827CBB2F4AA8AD
C:\Windows\System32\DRIVERS\tcpip.sys BBCEAEFF1FD72A026F827CBB2F4AA8AD
C:\Windows\System32\drivers\tcpipreg.sys E64444523ADD154F86567C469BC0B17F
C:\Windows\System32\drivers\tdpipe.sys 1875C1490D99E70E449E3AFAE9FCBADF
C:\Windows\System32\drivers\tdtcp.sys 7156308896D34EA75A582F9A09E50C17
C:\Windows\System32\DRIVERS\tdx.sys CB39E896A2A83702D1737BFD402B3542
C:\Windows\system32\drivers\termdd.sys C36F41EE20E6999DBF4B0425963268A5
C:\Windows\System32\drivers\TrueSight.sys A1965DFC0CD91E7CFC42925F8F597274
C:\Windows\System32\DRIVERS\tssecsrv.sys 98AE6FA07D12CB4EC5CF4A9BFA5F4242
C:\Windows\System32\DRIVERS\tunnel.sys 3E461D890A97F9D4C168F5FDA36E1D00
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys 09CC3E16F8E5EE7168E01CF8FCBE061A
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys 049B3A50B3D646BAEEEE9EEC9B0668DC
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\drivers\usbaudio.sys 2436A42AAB4AD48A9B714E5B0F344627
C:\Windows\System32\DRIVERS\usbccgp.sys C31AE588E403042632DC796CF09E30B0
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys E4C436D914768CE965D5E659BA7EEBD8
C:\Windows\System32\DRIVERS\usbhub.sys BDCD7156EC37448F08633FD899823620
C:\Windows\system32\drivers\usbohci.sys EB2D819A639015253C871CDA09D91D58
C:\Windows\system32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS 1C4287739A93594E57E2A9E6A3ED7353
C:\Windows\System32\DRIVERS\usbuhci.sys 22480BF4E5A09192E5E30BA4DDE79FA4
C:\Windows\System32\Drivers\usbvideo.sys B5F6A992D996282B7FAE7048E50AF83A
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys 3BE6E1F3A4F1AFEC8CEE0D7883F93583
C:\Windows\system32\drivers\viaagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\viac7.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys 379B349F65F453D2A6E75EA6B7448E49
C:\Windows\system32\drivers\VMBusHID.sys EC2BBAB4B84D0738C6C83D2234DC36FE
C:\Windows\System32\drivers\volmgr.sys 384E5A2AA49934295171E499F86BA6F3
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys 59F06B4968E58BC83DFC56CA4517960E
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys 7090D3436EEB4E7DA3373090A23448F7
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys 692A712062146E96D28BA0B7D75DE31B
C:\Windows\System32\DRIVERS\wanarp.sys 692A712062146E96D28BA0B7D75DE31B
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys 6F9B6C0C93232CFF47D0F72D6DB1D21E
C:\Windows\System32\DRIVERS\WUDFRd.sys F91FF1E51FCA30B3C3981DB7D5924252

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== Three Months Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-14 13:08 - 2015-04-14 13:42 - 00000000 ____D () C:\FRST
2015-04-14 12:57 - 2015-04-14 12:57 - 00000524 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 45647ab3-9897-4623-9e19-879b934d4155.job
2015-04-14 12:57 - 2015-04-14 12:57 - 00000524 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 34e508a9-aeae-4fb1-8fa2-a1d4315d2b7e.job
2015-04-13 23:15 - 2015-04-13 23:15 - 00360448 _____ () C:\Users\SRT Transfer\Desktop\Polka is Terrible.fla
2015-04-13 22:21 - 2015-04-13 22:25 - 00264704 _____ () C:\Users\SRT Transfer\Desktop\Lipsync -- What do you want.fla
2015-03-31 14:21 - 2015-03-31 14:21 - 00000436 _____ () C:\Users\SRT Transfer\Desktop\gcn.txt
2015-03-31 13:03 - 2015-03-31 13:03 - 00031232 _____ () C:\Users\SRT Transfer\Desktop\nmb.fla
2015-03-31 12:52 - 2015-03-31 12:52 - 00152576 _____ () C:\Users\SRT Transfer\Desktop\animation.fla
2015-03-31 09:54 - 2015-03-31 09:54 - 00000000 ____D () C:\Users\SRT Transfer\AppData\Local\BoogieBoardSync
2015-03-31 08:34 - 2015-03-31 08:34 - 00002001 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boogie Board Sync VDC.lnk
2015-03-31 08:34 - 2015-03-31 08:34 - 00001989 _____ () C:\Users\Public\Desktop\Sync VDC.lnk
2015-03-31 08:34 - 2015-03-31 08:34 - 00000000 ____D () C:\Program Files\Improv Electronics
2015-03-30 23:21 - 2015-03-30 23:21 - 00000000 ____D () C:\SUPERDelete
2015-03-30 23:16 - 2015-04-14 13:24 - 00000514 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d38a41dc-3ff1-4eba-9bb9-698910b1af66.job
2015-03-30 23:15 - 2015-04-14 13:46 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-03-30 23:15 - 2015-03-30 23:15 - 00001925 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2015-03-30 23:15 - 2015-03-30 23:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-03-26 09:36 - 2015-03-26 09:36 - 00000552 _____ () C:\Users\SRT Transfer\Downloads\yfugiyugyg.txt
2015-01-30 21:32 - 2015-01-30 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2015-01-30 21:32 - 2015-01-30 21:32 - 00000000 ____D () C:\Program Files\Ruiware
2015-01-30 21:29 - 2015-01-30 21:29 - 00002192 _____ () C:\Users\Public\Desktop\Tweaking.com - Simple System Tweaker.lnk
2015-01-30 21:29 - 2015-01-30 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-01-30 19:21 - 2015-01-30 19:21 - 00001536 _____ () C:\Users\SRT Transfer\Desktop\test2.exe
2015-01-30 19:19 - 2015-01-30 19:20 - 00000106 _____ () C:\Users\SRT Transfer\Desktop\test2.c
2015-01-30 19:07 - 2015-01-30 19:07 - 00000000 _____ () C:\Users\SRT Transfer\Desktop\ar_test.a
2015-01-30 19:07 - 2015-01-30 19:07 - 00000000 _____ () C:\Users\SRT Transfer\Desktop\a04024
2015-01-30 19:02 - 2015-01-30 19:03 - 00000103 _____ () C:\Users\SRT Transfer\Desktop\test1.cpp
2015-01-27 00:05 - 2015-01-27 00:05 - 00020955 _____ () C:\Users\SRT Transfer\Desktop\The_Second_Picture.docx_2.odt
2015-01-26 23:06 - 2015-01-26 23:06 - 00019459 _____ () C:\Users\SRT Transfer\Desktop\Description_Essay-_The_Second_Picture.odt
2015-01-26 23:05 - 2015-01-27 00:01 - 00020971 _____ () C:\Users\SRT Transfer\Documents\Description_Essay-_The_Second_Picture.docx_2.odt
2015-01-26 17:21 - 2015-01-26 17:21 - 00040448 _____ () C:\Users\SRT Transfer\Downloads\rig1.fla
2015-01-22 07:06 - 2015-01-22 07:06 - 00020496 _____ () C:\Users\SRT Transfer\Desktop\MQ3.odt
2015-01-22 06:31 - 2015-01-22 06:31 - 00021203 _____ () C:\Users\SRT Transfer\Desktop\MQ 2.odt
2015-01-22 06:30 - 2015-01-22 06:30 - 00020496 _____ () C:\Users\SRT Transfer\Desktop\MQ2.odt
2015-01-18 11:55 - 2015-01-18 11:55 - 00000051 _____ () C:\Users\SRT Transfer\Downloads\sdfwer.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-14 13:43 - 2012-06-27 18:56 - 01999142 _____ () C:\Windows\WindowsUpdate.log
2015-04-14 13:14 - 2009-07-13 21:34 - 00010128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-14 13:14 - 2009-07-13 21:34 - 00010128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-14 10:20 - 2012-06-27 19:23 - 00739790 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-14 10:14 - 2014-09-20 22:08 - 00013216 _____ () C:\Windows\setupact.log
2015-04-14 10:14 - 2014-09-12 20:12 - 00000376 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_SRT15.job
2015-04-14 10:14 - 2009-07-13 21:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-13 20:14 - 2014-09-12 20:12 - 00000366 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_SRT15.job
2015-04-13 19:13 - 2014-09-12 20:12 - 00000370 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_SRT15.job
2015-04-13 12:22 - 2014-09-14 15:28 - 00000000 ____D () C:\Users\SRT 18
2015-04-13 12:22 - 2014-09-14 15:15 - 00000000 ____D () C:\Users\Guest
2015-04-13 12:22 - 2012-06-27 19:25 - 00000000 ____D () C:\Users\SRT15
2015-04-11 16:57 - 2014-09-19 22:44 - 00000000 ____D () C:\Users\Temp
2015-04-02 22:07 - 2012-06-28 08:34 - 00092288 _____ () C:\Windows\PFRO.log
2015-03-31 08:35 - 2014-10-02 12:20 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-26 09:20 - 2014-12-01 09:20 - 00000000 ___RD () C:\Users\SRT Transfer\Desktop\New folder
2015-03-26 09:03 - 2009-07-13 21:53 - 00032584 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories =======

2012-08-30 06:11 - 2012-08-30 06:11 - 0027624 _____ () C:\Program Files\changes.txt
2012-08-30 06:20 - 2012-08-30 06:20 - 0234168 _____ (Beepa P/L) C:\Program Files\fraps32.dll
2012-08-30 06:20 - 2012-08-30 06:20 - 0068792 _____ (Beepa P/L) C:\Program Files\fraps64.dat
2012-08-30 06:20 - 2012-08-30 06:20 - 0186552 _____ (Beepa P/L) C:\Program Files\fraps64.dll
2012-08-30 06:17 - 2012-08-30 06:17 - 0140288 _____ (Beepa P/L) C:\Program Files\frapslcd.dll
2013-02-23 19:32 - 2013-02-23 19:32 - 4126720 _____ () C:\Program Files\GUT6ED3.tmp
2012-08-30 06:09 - 2012-08-30 06:09 - 0001892 _____ () C:\Program Files\README.HTM
2014-10-01 18:16 - 2014-10-21 07:25 - 0007168 _____ () C:\Users\SRT Transfer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-07-21 13:54 - 2012-07-21 13:57 - 0000300 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

ATTENTION: ==> Could not access BCD. Check to make sure user is administrator or see Addition.txt for additional information.

==================== BCD ================================
The boot configuration data store could not be opened.
Access is denied.

==================== End Of Log ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-04-2015
Ran by SRT Transfer at 2015-04-14 14:07:28
Running from C:\Users\SRT Transfer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8Z6XOALT
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
ASIO4ALL (HKLM\...\ASIO4ALL) (Version: - )
Bandicam (HKLM\...\Bandicam) (Version: 2.0.3.674 - Bandisoft.com)
BCM V.92 56K Modem (HKLM\...\BCM V.92 56K Modem) (Version: - )
Collab (HKLM\...\Collab) (Version: - Image-Line bvba)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
FL Studio 9 (HKLM\...\FL Studio 9) (Version: - Image-Line)
GIMP 2.6.12-2 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.12 - The GIMP Team)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM\...\{B9082609-19CD-3D8D-B53C-E1F0D3F409E3}) (Version: 65.223.114 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Hardcore (HKLM\...\Hardcore) (Version: - Image-Line)
IL Download Manager (HKLM\...\IL Download Manager) (Version: - Image-Line)
Intel® Extreme Graphics Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: - )
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Macromedia Fireworks MX 2004 (HKLM\...\{E583ED6F-BD99-4066-A420-C815BF692B69}) (Version: 7 - Macromedia)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.2 - NETGEAR)
OpenOffice.org 3.4.1 (HKLM\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)
PE Explorer 1.99 R6 (HKLM\...\PE Explorer_is1) (Version: 1.99.6 - Heaventools Software)
PoiZone (HKLM\...\PoiZone) (Version: - Image-Line)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Resource Tuner 2.01 (HKLM\...\Resource Tuner_is1) (Version: 2.01 - Heaventools Software)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Sawer (HKLM\...\Sawer) (Version: - Image-Line)
Skype™ 6.7 (HKLM\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.7.102 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1186 - SUPERAntiSpyware.com)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Sync VDC (HKLM\...\{29B48C94-4C23-4732-8214-D66FF0C3AFF4}) (Version: 0.9.210 - Improv Electronics)
Toxic Biohazard (HKLM\...\Toxic Biohazard) (Version: - Image-Line)
Tweaking.com - Simple System Tweaker (HKLM\...\Tweaking.com - Simple System Tweaker) (Version: 2.1.0 - Tweaking.com)
Tweaking.com - Windows Repair (All in One) (HKLM\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.9.0 - Tweaking.com)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled.
Check "winmgmt" service or repair WMI.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:04 - 2014-10-02 10:24 - 00000768 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\ReclaimerUpdateFiles_SRT15.job =>
Task: C:\Windows\Tasks\ReclaimerUpdateXML_SRT15.job =>
Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_SRT15.job =>
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 34e508a9-aeae-4fb1-8fa2-a1d4315d2b7e.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 45647ab3-9897-4623-9e19-879b934d4155.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d38a41dc-3ff1-4eba-9bb9-698910b1af66.job =>

==================== Loaded Modules (whitelisted) ==============

2014-05-08 16:02 - 2014-05-08 16:02 - 00719360 _____ () C:\Program Files\Improv Electronics\Sync VDC\VDC.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1992712658-3633688082-2664566983-1007\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.254

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== Accounts: =============================

Administrator (S-1-5-21-1992712658-3633688082-2664566983-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1992712658-3633688082-2664566983-1002 - Limited - Enabled)
Guest (S-1-5-21-1992712658-3633688082-2664566983-501 - Limited - Disabled) => C:\Users\Guest
SRT 18 (S-1-5-21-1992712658-3633688082-2664566983-1003 - Administrator - Enabled) => C:\Users\SRT 18
SRT Allow (S-1-5-21-1992712658-3633688082-2664566983-1008 - Administrator - Enabled) => C:\Users\SRT Allow
SRT NT Base (S-1-5-21-1992712658-3633688082-2664566983-1006 - Administrator - Enabled)
SRT Transfer (S-1-5-21-1992712658-3633688082-2664566983-1007 - Limited - Enabled) => C:\Users\SRT Transfer
SRT15 (S-1-5-21-1992712658-3633688082-2664566983-1000 - Administrator - Enabled) => C:\Users\SRT15
SRTBase (S-1-5-21-1992712658-3633688082-2664566983-1004 - Administrator - Enabled) => C:\Users\SRTBase
Temp (S-1-5-21-1992712658-3633688082-2664566983-1009 - Limited - Enabled) => C:\Users\Temp

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (04/13/2015 00:17:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/13/2015 00:17:06 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (03/31/2015 00:54:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/31/2015 00:54:24 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (03/30/2015 10:39:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (03/30/2015 10:39:45 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (03/26/2015 10:09:26 AM) (Source: MsiInstaller) (EventID: 11500) (User: RT15)
Description: Product: Sync VDC -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.

Error: (03/26/2015 10:09:25 AM) (Source: MsiInstaller) (EventID: 11500) (User: RT15)
Description: Product: Sync VDC -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.

Error: (03/26/2015 10:09:07 AM) (Source: MsiInstaller) (EventID: 11500) (User: RT15)
Description: Product: Sync VDC -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.

Error: (03/26/2015 10:09:06 AM) (Source: MsiInstaller) (EventID: 11500) (User: RT15)
Description: Product: Sync VDC -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.

System errors:
=============
Error: (04/14/2015 01:43:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (04/14/2015 01:43:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (04/14/2015 01:43:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (04/14/2015 01:43:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (04/14/2015 11:02:23 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (04/14/2015 11:02:23 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (04/14/2015 10:16:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2

Error: (04/14/2015 10:14:47 AM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}2{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (04/14/2015 10:14:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly. It has done this 1 time(s).

Error: (04/14/2015 10:14:32 AM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}2{ECF5BF46-E3B6-449A-B56B-43F58F867814}

Microsoft Office Sessions:
=========================
Error: (04/13/2015 00:17:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\NETGEAR\WNA3100\WPSAgt64.exe

Error: (04/13/2015 00:17:06 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*c:\program files\spybot - search & destroy\DelZip179.dllc:\program files\spybot - search & destroy\DelZip179.dll8

Error: (03/31/2015 00:54:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\NETGEAR\WNA3100\WPSAgt64.exe

Error: (03/31/2015 00:54:24 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*c:\program files\spybot - search & destroy\DelZip179.dllc:\program files\spybot - search & destroy\DelZip179.dll8

Error: (03/30/2015 10:39:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\NETGEAR\WNA3100\WPSAgt64.exe

Error: (03/30/2015 10:39:45 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentitylanguage*c:\program files\spybot - search & destroy\DelZip179.dllc:\program files\spybot - search & destroy\DelZip179.dll8

Error: (03/26/2015 10:09:26 AM) (Source: MsiInstaller) (EventID: 11500) (User: RT15)
Description: Product: Sync VDC -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/26/2015 10:09:25 AM) (Source: MsiInstaller) (EventID: 11500) (User: RT15)
Description: Product: Sync VDC -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/26/2015 10:09:07 AM) (Source: MsiInstaller) (EventID: 11500) (User: RT15)
Description: Product: Sync VDC -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (03/26/2015 10:09:06 AM) (Source: MsiInstaller) (EventID: 11500) (User: RT15)
Description: Product: Sync VDC -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)(NULL)(NULL)

==================== Memory info ===========================

Processor: Intel® Pentium® 4 CPU 2.80GHz
Percentage of memory in use: 90%
Total physical RAM: 1022.07 MB
Available physical RAM: 94.55 MB
Total Pagefile: 2046.07 MB
Available Pagefile: 446.61 MB
Total Virtual: 2047.88 MB
Available Virtual: 1893.18 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.47 GB) (Free:25.31 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

==================== End Of Log ============================

 

 

short-cuts scan #2:

 

Users shortcut scan result (x86) Version: 13-04-2015
Ran by SRT Transfer at 2015-04-14 14:14:19
Running from C:\Users\SRT Transfer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8Z6XOALT
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)

 

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boogie Board Sync VDC.lnk -> C:\Program Files\Improv Electronics\Sync VDC\VDC.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk -> C:\Users\SRT Transfer\Desktop\GIMP2\bin\gimp-2.8.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk -> C:\Windows\Installer\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}\MOVIEMK.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol\WinPatrol Explorer.lnk -> C:\Program Files\Ruiware\WinPatrol\WinPatrolEx.exe (Ruiware LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol\WinPatrol Help.lnk -> C:\Program Files\Ruiware\WinPatrol\features.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol\WinPatrol.lnk -> C:\Program Files\Ruiware\WinPatrol\WinPatrol.exe (Ruiware LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com\Simple System Tweaker\Tweaking.com - Registry Backup.lnk -> C:\Program Files\Tweaking.com\Simple System Tweaker\files\registry_backup_tool\TweakingRegistryBackup.exe (Tweaking.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com\Simple System Tweaker\Tweaking.com - Simple System Tweaker.lnk -> C:\Program Files\Tweaking.com\Simple System Tweaker\Simple_System_Tweaker.exe (Tweaking.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Alternate Start.lnk -> C:\Program Files\SUPERAntiSpyware\RUNSAS.EXE (SUPERAdBlocker.com and SUPERAntiSpyware.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Professional.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy\File Shredder.lnk -> C:\Program Files\Spybot - Search & Destroy\SDShred.exe (Safer Networking Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy\Spybot - Search & Destroy.lnk -> C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe (Safer Networking Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy\Tutorial.lnk -> C:\Program Files\Spybot - Search & Destroy\Help\English.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy\Uninstall Spybot-S&D.lnk -> C:\Program Files\Spybot - Search & Destroy\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy\Update Spybot-S&D.lnk -> C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe (Safer Networking Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Converter.lnk -> C:\Program Files\Real\RealPlayer\realconverter.exe (RealNetworks, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Trimmer.lnk -> C:\Program Files\Real\RealPlayer\realtrimmer.exe (RealNetworks, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org Base.lnk -> C:\Program Files\OpenOffice.org 3\program\sbase.exe (OpenOffice.org)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org Calc.lnk -> C:\Program Files\OpenOffice.org 3\program\scalc.exe (OpenOffice.org)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org Draw.lnk -> C:\Program Files\OpenOffice.org 3\program\sdraw.exe (OpenOffice.org)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org Impress.lnk -> C:\Program Files\OpenOffice.org 3\program\simpress.exe (OpenOffice.org)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org Math.lnk -> C:\Program Files\OpenOffice.org 3\program\smath.exe (OpenOffice.org)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org Writer.lnk -> C:\Program Files\OpenOffice.org 3\program\swriter.exe (OpenOffice.org)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1\OpenOffice.org.lnk -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100 Genie\NETGEAR WNA3100 Genie.lnk -> C:\Program Files\NETGEAR\WNA3100\WNA3100.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macromedia\Macromedia Fireworks MX 2004.lnk -> C:\Users\SRT Transfer\Desktop\Macromedia Fireworks\Fireworks MX 2004\Fireworks.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macromedia\Readme Files\Macromedia Fireworks MX 2004 Readme.lnk -> C:\Users\SRT Transfer\Desktop\Macromedia Fireworks\Fireworks MX 2004\Readme.htm (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line\Collab\Collab.lnk -> C:\Program Files\Image-Line\Collab\Collab.exe (Image-Line bvba)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line\Collab\Read me.lnk -> C:\Program Files\Image-Line\Collab\readme.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line\Collab\Uninstall.lnk -> C:\Program Files\Image-Line\Collab\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps\Fraps.lnk -> C:\Program Files\fraps.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps\Uninstall.lnk -> C:\Program Files\uninstall.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5\CyberGhost 5.lnk -> C:\Program Files\CyberGhost 5\CyberGhost.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5\Uninstall CyberGhost 5.lnk -> C:\Program Files\CyberGhost 5\unins000.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2\ASIO4ALL v2 Instruction Manual.lnk -> C:\Users\SRT Transfer\Desktop\Fruity Loops 8\ASIO\ASIO4ALL v2\ASIO4ALL v2 Instruction Manual.pdf (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2\ASIO4ALL v2 Off-Line Settings.lnk -> C:\Users\SRT Transfer\Desktop\Fruity Loops 8\ASIO\ASIO4ALL v2\a4apanel.EXE (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2\ASIO4ALL Web Site.lnk -> C:\Users\SRT Transfer\Desktop\Fruity Loops 8\ASIO\ASIO4ALL v2\ASIO4ALL Web Site.url (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2\Uninstall.lnk -> C:\Users\SRTBase\Desktop\Fruity Loops 8\ASIO\ASIO4ALL v2\uninstall.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Microsoft .NET Framework 1.1 Configuration.lnk -> C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorcfg.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Microsoft .NET Framework 1.1 Wizards.lnk -> C:\Windows\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe ( )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -> C:\Windows\System32\NetProj.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Fraps.lnk -> C:\Program Files\fraps.exe (No File)
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
Shortcut: C:\Users\Public\Desktop\Sync VDC.lnk -> C:\Program Files\Improv Electronics\Sync VDC\VDC.exe ()
Shortcut: C:\Users\Public\Desktop\Tweaking.com - Simple System Tweaker.lnk -> C:\Program Files\Tweaking.com\Simple System Tweaker\Simple_System_Tweaker.exe (Tweaking.com)
Shortcut: C:\Users\SRT Transfer\Videos\RealNetworks\RealPlayer Trimmer.lnk -> C:\Program Files\Real\RealPlayer\realtrimmer.exe (RealNetworks, Inc.)
Shortcut: C:\Users\SRT Transfer\Links\Desktop (2).lnk -> C:\Users\SRT Transfer\Desktop ()
Shortcut: C:\Users\SRT Transfer\Links\Desktop.lnk -> C:\Users\SRT Transfer\Desktop ()
Shortcut: C:\Users\SRT Transfer\Links\Downloads (2).lnk -> C:\Users\SRT Transfer\Downloads ()
Shortcut: C:\Users\SRT Transfer\Links\Downloads.lnk -> C:\Users\SRT Transfer\Downloads ()
Shortcut: C:\Users\SRT Transfer\Links\SRT Transfer.lnk -> C:\Users\SRT Transfer ()
Shortcut: C:\Users\SRT Transfer\Desktop\FL.lnk -> C:\Users\SRTBase\Desktop\fl studio 9\FL.exe (Image-Line)
Shortcut: C:\Users\SRT Transfer\Desktop\New folder\cmd.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\SRT Transfer\Desktop\New folder\Fraps.lnk -> C:\Users\SRT Transfer\Desktop\FRAPS\fraps.exe (No File)
Shortcut: C:\Users\SRT Transfer\Desktop\New folder\Free YouTube Downloader Audio.lnk -> C:\Users\SRT Transfer\Music\Free YouTube Downloader ()
Shortcut: C:\Users\SRT Transfer\Desktop\New folder\Free YouTube Downloades.lnk -> C:\Users\SRT Transfer\Videos\Free YouTube Downloader ()
Shortcut: C:\Users\SRT Transfer\Desktop\New folder\HiJackThis.lnk -> C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe (Trend Micro Inc.)
Shortcut: C:\Users\SRT Transfer\Desktop\New folder\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\Users\SRT Transfer\Desktop\New folder\SRT Transfer.lnk -> C:\Users\SRT Transfer ()
Shortcut: C:\Users\SRT Transfer\Desktop\New folder\System32.lnk -> C:\Windows\System32 ()
Shortcut: C:\Users\SRT Transfer\Desktop\New folder\vlc.lnk -> C:\Users\SRT Transfer\Desktop\vlc-2.1.5\vlc.exe (No File)
Shortcut: C:\Users\SRT Transfer\Desktop\New folder\WinRAR (2).lnk -> C:\Users\SRTBase\Desktop\WinRAR\WinRAR ()
Shortcut: C:\Users\SRT Transfer\Desktop\New folder\winrar.lnk -> C:\Users\SRTBase\Desktop\WinRAR\winrar ()
Shortcut: C:\Users\SRT Transfer\Desktop\New folder\Fraps\Uninstall.lnk -> C:\Users\SRTBase\Desktop\FRAPS\uninstall.exe (No File)
Shortcut: C:\Users\SRT Transfer\Desktop\New folder\Flash\Flash Works - Demon Barber.lnk -> C:\Users\SRT Transfer\Desktop\Video Works\Demon Barber\Other Post Final Flash - Demon Barber (No File)
Shortcut: C:\Users\SRT Transfer\Desktop\New folder\Final Video\Finals - WinMov2.6.lnk -> C:\Users\SRT Transfer\Videos ()
Shortcut: C:\Users\SRT Transfer\Desktop\New folder\D.VS,Scenes\WinRAR.lnk -> C:\Users\SRT Transfer\Desktop\WinRAR\WinRAR.exe (No File)
Shortcut: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Shortcut: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk -> C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe (Trend Micro Inc.)
Shortcut: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Bandicam.lnk -> C:\Users\SRT Transfer\Desktop\Bandicam\bdcam.exe (No File)
Shortcut: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Task Manager.lnk -> C:\Windows\System32\taskmgr.exe (Microsoft Corporation)
Shortcut: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)

ShortcutWithArgument: C:\Users\SRT Transfer\AppData\Roaming\Real\RealPlayer\History\Stay Connected.lnk -> C:\Program Files\Real\RealPlayer\realplay.exe (RealNetworks, Inc.) -> hxxp://www.real.com/realplayer/video-features
ShortcutWithArgument: C:\Users\SRT Transfer\AppData\Roaming\Real\RealPlayer\History\Untitled.lnk -> C:\Program Files\Real\RealPlayer\realplay.exe (RealNetworks, Inc.) -> /startpos:00:00:00.0 hxxp://stream-aac.infowars.com

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol\Uninstall WinPatrol.lnk -> C:\ProgramData\InstallMate\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}\Setup.exe (Tarma Software Research Pty Ltd) -> /remove /q0
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com\Simple System Tweaker\Uninstall Tweaking.com - Simple System Tweaker.lnk -> C:\Program Files\Tweaking.com\Simple System Tweaker\uninstall.exe (Indigo Rose Corporation) -> "/U:C:\Program Files\Tweaking.com\Simple System Tweaker\Uninstall\uninstall.xml"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Registration-Activation.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware) -> /register
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy\Spybot - Search & Destroy (for blind users).lnk -> C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe (Safer Networking Limited) -> /blinduser
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer.lnk -> C:\Program Files\Real\RealPlayer\realplay.exe (RealNetworks, Inc.) -> /launch:start_menu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100 Genie\Uninstall NETGEAR WNA3100 Software.lnk -> C:\Program Files\InstallShield Installation Information\{C2425F91-1F7B-4037-9A05-9F290184798D}\setup.exe (Acresso Software Inc. ) -> -z "-Remove"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\SRT Transfer\Videos\RealNetworks\RealPlayer.lnk -> C:\Program Files\Real\RealPlayer\realplay.exe (RealNetworks, Inc.) -> /launch:start_menu
ShortcutWithArgument: C:\Users\SRT Transfer\AppData\Roaming\Real\RealPlayer\History\Facerocker_75_iTunes_1.lnk -> C:\Program Files\Real\RealPlayer\realplay.exe (RealNetworks, Inc.) -> /startpos:00:00:00.0 file://C:/Users/SRT Transfer/Desktop/Facerocker_75_iTunes_1.mp3
ShortcutWithArgument: C:\Users\SRT Transfer\AppData\Roaming\Real\RealPlayer\History\GFH.lnk -> C:\Program Files\Real\RealPlayer\realplay.exe (RealNetworks, Inc.) -> /startpos:00:00:00.0 file://C:/Users/SRT Transfer/Desktop/GFH.swf
ShortcutWithArgument: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -extoff
ShortcutWithArgument: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\Users\SRT Transfer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1

InternetURL: C:\Users\SRT Transfer\Favorites\Links\blank.url -> about:blank
InternetURL: C:\Users\SRT Transfer\Favorites\Links\Death Row Information.url -> hxxp://www.tdcj.state.tx.us/death_row/dr_executed_offenders.html
InternetURL: C:\Users\SRT Transfer\Favorites\Links\Last Week Tonight with John Oliver Nuclear Weapons (HBO) - YouTube.url -> hxxp://www.youtube.com/watch?v=1Y1ya-yF35g
InternetURL: C:\Users\SRT Transfer\Favorites\Links\Suggested Sites (2).url -> https://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\SRT Transfer\Favorites\Links\Suggested Sites.url -> 0
InternetURL: C:\Users\SRT Transfer\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\SRT Transfer\Favorites\Links\YouTube to mp3 Converter.url -> hxxp://www.youtube-mp3.org/
InternetURL: C:\Users\SRT Transfer\Desktop\New folder\uh\order.url -> hxxp://www.heaventools.com/order-rt.htm
InternetURL: C:\Users\SRT Transfer\Desktop\New folder\uh\pexforum.url -> hxxp://www.heaventools.com/forum.htm
InternetURL: C:\Users\SRT Transfer\Desktop\New folder\uh\pexplorer.url -> hxxp://www.heaventools.com/overview.htm
InternetURL: C:\Users\SRT Transfer\Desktop\New folder\uh\restuner.url -> hxxp://www.heaventools.com/resource-tuner.htm

==================== End of log =============================

 



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,733 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:47 AM

Posted 19 April 2015 - 06:40 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/573241 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,733 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:47 AM

Posted 24 April 2015 - 06:40 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users