Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Possible Malware Infection [Solved]

HP printer HP computer

  • This topic is locked This topic is locked

#31
ridethewave

ridethewave

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 154 posts

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 7 Home Premium x64

Ran by Chris on Sat 06/28/2014 at 12:45:54.32

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

~~~ Services

 

 

~~~ Registry Values

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9A5C2647-D81B-4BE5-B968-C75DAD0428D0}

 

 

~~~ Files

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{00449857-2714-4FC6-917B-909FC2E27B00}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{0367EC1C-0BE7-4456-AF48-29D307551E5F}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{06A67013-CEE8-46C5-B75D-2ADC34FC4CB7}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{09D52EC0-7FA0-4CBE-B4A4-DC15CAE67336}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{0EA3FB25-B067-450D-B26F-634E87E8955C}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{13FA810C-6051-4010-82D1-41FE9D04EB52}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{1601A01C-D3E6-4F1B-AF31-DB7FC4C12F56}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{1853BE8E-E3B5-417B-A2BA-B02F8185B21D}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{1B51F21D-130F-4AEB-90BD-9245B8D6F105}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{1B5FD017-2074-4BFE-AC7A-35C351D63152}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{1C098980-9C60-45B1-A4EB-F02F07F171E6}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{1FE637AE-5682-4F50-AE5E-A561DF169298}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{2596C127-3DF6-4B44-BD4D-EDB3CB134D0C}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{25A9A2A1-9FA3-469E-A8F3-8BD4737D65C1}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{2637862F-6C7A-468F-A680-AD8D3475F4A0}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{2A1AE30E-2E18-4EA3-A802-FE7C3C63CAFE}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{2BA9DF63-D75C-403B-BE77-1A6CC980EBF0}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{309F2AE0-A45B-415B-91ED-8D6B4F993D27}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{3473DCF5-51C2-40B9-97B9-AB9468579944}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{39818A79-EA6F-4A39-88C5-0C0054A6145C}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{3A7DAF04-A334-4916-8228-D7630F981BE2}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{3DF21B8B-6D1F-4BF7-8529-59A2CAF36E2F}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{446B1140-A946-45DC-AAA0-B72FDFFFE5DB}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{4473F3C7-0B31-4EA2-94C4-04BC96FA4B36}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{499C52E9-13EE-40DC-B756-9A7D6DDC6CA5}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{4AC1209B-6925-433F-8B36-844F70BC0283}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{4B3A77A3-C392-40E1-A208-835D2D8BA41E}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{53926127-6BC9-43C6-B983-A8405EFF0F2C}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{56236762-2748-469A-8792-174158DE2782}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{562B0D39-1F2C-4C0A-BD00-8490A9C24B1A}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{59CFAAE9-57B6-4B80-ADED-77FD2F72C659}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{5E6E88AC-2CF6-4364-A55E-1AC5EB0BD596}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{5F53FB00-1872-48B8-AD11-BB3EB25D306A}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{65DC868E-4E80-4F97-B7EC-3E970D301872}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{69CE8BEC-F706-4202-9B6E-D8BEBA5FDC2C}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{6BF853D2-CA12-462A-8D3A-AEC28BF5BF5E}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{6D965781-9096-4F95-AF44-AE5D6E00B330}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{7988DA3F-D4D4-4743-BDF1-2A5A0EA76C93}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{7D49C973-4BC7-4ADA-A2E1-C1E3BF9AEC89}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{7D5CE0D5-A76D-4CA1-B465-AF9CB4DF82E8}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{7D7EA883-18C1-4711-A781-256674A21C22}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{888ED02B-E564-4BC1-9E99-0D38CCB1B528}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{8925DE05-A717-486A-818B-21EAD4594F02}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{893A1260-2ABD-49B0-9EF4-30B696F1F804}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{8DA4A61F-2432-4023-88BF-94CE7864B773}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{8EB1AEA4-5F5D-498E-8CA7-C50067B86E49}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{97B74FB6-26AA-4CDB-A834-7FFDD834B813}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{994A2587-C914-4070-AE42-90104C6FD026}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{9B9820D8-BAAC-4814-A8CF-AA8D47DE1F09}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{9C979595-13EE-4C1E-AE03-E13938C2F91B}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{9D435E39-79AD-4326-BE9B-F58A81A88611}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{A2E960E7-3132-4BFB-8D0B-0B310525EAF0}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{A3C28592-601C-4172-94EB-661129B05644}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{A55EABC1-9063-4754-A195-79D96FEEBA64}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{A7802573-D86A-4B76-9B9B-FFC0B77246E3}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{AB04B117-F922-46F9-9E1E-11784C1D748C}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{AC18C8DE-A162-40F2-88B8-24805D9E5F8E}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{B308A149-CCEA-4F4B-84BD-1ABD88CBB366}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{B743BDC2-A514-44B1-800D-7FDE729135B3}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{B7E11E05-2995-4C79-8279-22BABC4F8485}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{B9B91718-D13F-47B1-BF27-B0C7D54CD8F5}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{BAA65C38-42E8-4B84-A7CC-A6B7DEA2CA3D}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{BD23BF6B-04F1-4CF2-B34F-7D538E7C1A27}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{BF2E1BFC-B42F-4400-92C7-8DBC0AE80658}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{C17A3EFD-511E-466A-80A9-DADF400AB461}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{C2F7E974-EEB7-4833-8504-30C06CA7F592}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{CA9F2F8B-0DB4-4C74-8B81-6ECA9831D24B}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{CAF14306-B824-48F4-B80D-DEBF64AB869F}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{CCBBBE7A-1358-42E0-95E5-2F67330BFC18}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{CDA49A19-B097-4C12-9988-4603DB814BBD}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{D06B62BD-5FC6-48D3-8A25-8CAD32F1A5DC}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{D2CF6B99-304B-4BCE-8E15-1177316185D0}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{D2F70D85-8DB3-4FE5-AC80-B9765E5AEC7B}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{D6BED4A5-FD6C-4A9A-B8D1-8E326FBE0645}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{D75848C2-701B-4626-8CC2-66A18BC51091}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{D9F16878-1DBD-4A31-B509-D4F3959BCA91}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{DF8CED38-72BF-4F37-80E0-D77D390B5069}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{E232F0D5-9683-4093-9A22-425DF28446AC}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{E64DC2E7-9D00-4E61-8586-B01CBAD3A5B9}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{E96472EE-EC82-4BF5-B3B5-8DCA7B8EF26B}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{E9A373E1-E331-460D-9478-9C158866E194}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{F3C87732-ADB0-40C4-8D9B-18234A9E4FA5}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{F4C3C143-CB24-42E9-8DD7-3EA1451E582A}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{F6EA1C5A-566B-4188-8EC5-9D97A478165F}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{F8365AD3-8181-4716-A7AE-CC434DF90C6B}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{FC0F6D3F-D6ED-4246-A730-644ACA7A0318}

Successfully deleted: [Empty Folder] C:\Users\Chris\appdata\local\{FD91A1E3-CDE8-40F5-A876-CF3A817EE229}

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Sat 06/28/2014 at 12:49:29.82

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


  • 0

Advertisements


#32
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts

Let's get a scan of the master boot record, a look at what services other than the system restore are broken and a fresh OTL scan to make sure everything in the original log has been taken care of.
 

 

Step-1.
Programs to download:
 
1.
Click here to download aswMBR.exe and save it to the desktop.
2.
Click here to download the Farbar Service Scanner and save it to the desktop.

 

 

Step-2.
Run aswMBR
 

  • Close all windows and open browsers.
  • Right click the aswMBR.exe file and click Run as Administrator to run the application.
  • Click the Scan button to start the scan.
    aswMBRVM.png
     
  • If your computer supports Virtualization Technology you will see a box like the one below, click the Yes button.
    msgbox.png
     
  • On completion of the scan click Save Log, save it to your desktop and post in your next reply.

aswMBRVM1.png

NOTE: When you run aswMBR, if it is shutdown automatically, then it is most likely the infection detecting that aswMBR is running and terminating it. In this situation you should rename the executable (aswMBR.exe) to iexplore.exe and try it again.
 

 

Step-3.
Run Farbar Service Scanner
 

  • Right click the FSS.exe file, click Run as Administrator and OK any UAC prompts.

    fss1.jpg
  • Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
  • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

 

Step-4.
otlicon.png
OTL Scan

  • Open OTL on the desktop and click the QuickScan.Png button to start the scan.
  • Post the OTL.txt log in your next reply.

 

Things For Your Next Post:
Please post the logs in the order requested. Please don't attach the logs unless I request it.
1. The aswMBR log
2. The FSS.txt

3. The new OTL.txt log


  • 0

#33
ridethewave

ridethewave

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 154 posts

The aswMBR log was saved as a *.dat file.  How would you like me to handle this?

 

 

 

Farbar Service Scanner Version: 10-06-2014

Ran by Chris (administrator) on 29-06-2014 at 05:51:25

Running from "C:\Users\Chris\Desktop"

Microsoft Windows 7 Home Premium  Service Pack 1 (X64)

Boot Mode: Normal

****************************************************************

Internet Services:

============

 

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo.com is accessible.

 

Windows Firewall:

=============

 

Firewall Disabled Policy:

==================

 

System Restore:

============

System Restore Disabled Policy:

========================

 

Action Center:

============

 

Windows Update:

============

 

Windows Autoupdate Disabled Policy:

============================

 

Windows Defender:

==============

Other Services:

==============

 

File Check:

========

C:\Windows\System32\nsisvc.dll => File is digitally signed

C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed

C:\Windows\System32\dhcpcore.dll => File is digitally signed

C:\Windows\System32\drivers\afd.sys => File is digitally signed

C:\Windows\System32\drivers\tdx.sys => File is digitally signed

C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed

C:\Windows\System32\dnsrslvr.dll => File is digitally signed

C:\Windows\System32\mpssvc.dll => File is digitally signed

C:\Windows\System32\bfe.dll => File is digitally signed

C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed

C:\Windows\System32\SDRSVC.dll => File is digitally signed

C:\Windows\System32\vssvc.exe => File is digitally signed

C:\Windows\System32\wscsvc.dll => File is digitally signed

C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed

C:\Windows\System32\wuaueng.dll => File is digitally signed

C:\Windows\System32\qmgr.dll => File is digitally signed

C:\Windows\System32\es.dll => File is digitally signed

C:\Windows\System32\cryptsvc.dll => File is digitally signed

C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed

C:\Windows\System32\ipnathlp.dll => File is digitally signed

C:\Windows\System32\iphlpsvc.dll => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

 

**** End of log ****Farbar Service Scanner Version: 10-06-2014

Ran by Chris (administrator) on 29-06-2014 at 05:51:25

Running from "C:\Users\Chris\Desktop"

Microsoft Windows 7 Home Premium  Service Pack 1 (X64)

Boot Mode: Normal

****************************************************************

Internet Services:

============

 

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo.com is accessible.

 

Windows Firewall:

=============

 

Firewall Disabled Policy:

==================

 

System Restore:

============

System Restore Disabled Policy:

========================

 

Action Center:

============

 

Windows Update:

============

 

Windows Autoupdate Disabled Policy:

============================

 

Windows Defender:

==============

Other Services:

==============

 

File Check:

========

C:\Windows\System32\nsisvc.dll => File is digitally signed

C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed

C:\Windows\System32\dhcpcore.dll => File is digitally signed

C:\Windows\System32\drivers\afd.sys => File is digitally signed

C:\Windows\System32\drivers\tdx.sys => File is digitally signed

C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed

C:\Windows\System32\dnsrslvr.dll => File is digitally signed

C:\Windows\System32\mpssvc.dll => File is digitally signed

C:\Windows\System32\bfe.dll => File is digitally signed

C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed

C:\Windows\System32\SDRSVC.dll => File is digitally signed

C:\Windows\System32\vssvc.exe => File is digitally signed

C:\Windows\System32\wscsvc.dll => File is digitally signed

C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed

C:\Windows\System32\wuaueng.dll => File is digitally signed

C:\Windows\System32\qmgr.dll => File is digitally signed

C:\Windows\System32\es.dll => File is digitally signed

C:\Windows\System32\cryptsvc.dll => File is digitally signed

C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed

C:\Windows\System32\ipnathlp.dll => File is digitally signed

C:\Windows\System32\iphlpsvc.dll => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

 

**** End of log ****

 

 

 

OTL logfile created on: 6/29/2014 5:53:50 AM - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Chris\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.91 Gb Total Physical Memory | 6.64 Gb Available Physical Memory | 83.92% Memory free
15.82 Gb Paging File | 14.46 Gb Available in Paging File | 91.42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 914.76 Gb Total Space | 772.49 Gb Free Space | 84.45% Space Free | Partition Type: NTFS
Drive D: | 16.66 Gb Total Space | 2.05 Gb Free Space | 12.30% Space Free | Partition Type: NTFS

Computer Name: CHRIS-HP | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/06/24 14:27:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
PRC - [2008/11/20 10:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe


========== Modules (No Company Name) ==========

MOD - [2014/01/20 14:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/01/20 14:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/05/30 02:21:05 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/10/11 02:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV - [2014/06/05 21:38:37 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/05/14 06:14:23 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/20 23:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/03/20 00:44:20 | 000,276,248 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2011/09/28 16:18:02 | 000,212,944 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)
SRV - [2011/09/01 02:22:18 | 000,169,624 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor10.0)
SRV - [2011/08/03 07:55:11 | 002,656,536 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/08/03 07:54:41 | 000,326,424 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/10/01 19:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/12/06 09:42:12 | 002,350,176 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/04/09 18:36:16 | 000,031,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmxdrv.sys -- (pmxdrv)
DRV:64bit: - [2012/04/09 18:10:05 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/04/09 18:10:05 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/03/20 00:32:04 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/30 03:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/09/19 01:02:35 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2011/09/14 03:35:45 | 000,533,096 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/08/03 07:51:56 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/11/20 20:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 20:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 17:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.c...TF-8&gws_rd=ssl
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7GGNI_enUS487
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "https://www.google.c...F-8&gws_rd=ssl"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

[2014/06/26 15:21:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Extensions
[2014/06/26 16:28:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\extensions
[2014/06/26 16:28:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions
[2014/06/26 16:08:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\w24xywz3.default\extensions
[2014/06/26 15:21:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/06/26 15:21:17 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome  ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.co...client&ie=UTF-8
CHR - plugin: First user (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Gmail = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2014/06/18 16:00:38 | 000,000,855 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} http://www.comcastsu...oad/tgctlsr.cab (SupportSoft Script Runner Class)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnime...veX_Control.cab (Photo Upload Plugin Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1189782-F148-430E-B2B0-8C873FF7D3A6}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (c:\program files (x86)\movies toolbar\datamngr\x64\apcrtldr.dll) -  File not found
O36 - AppCertDlls: x86 - (c:\program files (x86)\movies toolbar\datamngr\apcrtldr.dll) -  File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/06/29 05:43:09 | 000,415,744 | ---- | C] (Farbar) -- C:\Users\Chris\Desktop\FSS.exe
[2014/06/29 05:41:21 | 005,185,536 | ---- | C] (AVAST Software) -- C:\Users\Chris\Desktop\aswmbr.exe
[2014/06/28 12:45:53 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/06/28 08:29:21 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\Chris\Desktop\JRT.exe
[2014/06/27 19:54:02 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014/06/27 19:51:01 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/06/26 15:21:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014/06/26 15:21:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/06/25 20:18:51 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/06/24 14:27:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
[2014/06/22 21:06:18 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\ElevatedDiagnostics
[2014/06/21 19:18:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[2014/06/21 19:18:43 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2014/06/20 14:19:56 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\Adobe
[2014/06/19 06:01:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/06/18 16:05:15 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/06/18 16:04:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2
[2014/06/18 13:27:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2014/06/14 17:11:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2014/06/14 15:53:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hp
[2014/06/14 08:37:31 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\FixPrinterProblems
[2014/06/14 08:36:29 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\Stuff
[2014/06/12 17:27:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\x64
[2014/06/11 21:51:29 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2014/06/11 15:08:02 | 000,439,296 | ---- | C] (Sendori) -- C:\Windows\SysNative\plsapp64.dll
[2014/06/11 15:07:05 | 000,000,000 | ---D | C] -- C:\Users\Chris\Documents\DVDVideoSoft
[2014/06/11 14:55:16 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\Trista
[2014/06/10 19:31:41 | 000,000,000 | ---D | C] -- C:\Windows\System\x64
[2014/06/09 18:22:44 | 000,000,000 | ---D | C] -- C:\RegBackup
[2014/06/09 16:47:16 | 000,000,000 | ---D | C] -- C:\CAT-Logs
[2014/06/09 16:15:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Installer Clean Up
[2014/06/09 15:57:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
[2014/06/08 16:03:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2014/06/07 17:06:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/06/07 17:06:05 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/06/07 17:06:03 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/06/07 17:06:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/06/07 17:06:03 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/06/05 14:35:37 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\QuickScan
[2014/06/05 14:34:58 | 000,000,000 | ---D | C] -- C:\ProgramData\SmartPCScan
[2014/06/04 21:50:51 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrickHouse
[2014/06/04 21:50:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BrickHouse
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/06/29 05:49:09 | 000,000,512 | ---- | M] () -- C:\Users\Chris\Desktop\MBR.dat
[2014/06/29 05:43:11 | 000,415,744 | ---- | M] (Farbar) -- C:\Users\Chris\Desktop\FSS.exe
[2014/06/29 05:41:58 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/29 05:41:58 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/29 05:41:29 | 005,185,536 | ---- | M] (AVAST Software) -- C:\Users\Chris\Desktop\aswmbr.exe
[2014/06/29 05:40:53 | 000,782,470 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/06/29 05:40:53 | 000,650,642 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/06/29 05:40:53 | 000,118,410 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/06/29 05:36:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/29 05:36:28 | 2073,964,543 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/28 08:29:24 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\Chris\Desktop\JRT.exe
[2014/06/28 08:27:07 | 000,002,150 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/06/27 19:50:08 | 001,342,659 | ---- | M] () -- C:\Users\Chris\Desktop\AdwCleaner.exe
[2014/06/27 13:01:55 | 000,002,241 | ---- | M] () -- C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
[2014/06/26 15:21:18 | 000,001,153 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/06/24 14:27:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Chris\Desktop\OTL.exe
[2014/06/21 05:37:03 | 000,550,784 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/06/18 16:06:41 | 000,002,010 | ---- | M] () -- C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
[2014/06/18 16:00:38 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/06/18 15:58:27 | 000,782,470 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/06/18 15:45:58 | 000,002,165 | ---- | M] () -- C:\Users\Chris\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2014/06/14 18:13:21 | 000,010,230 | ---- | M] () -- C:\Users\Chris\Documents\cc_20140614_181314.reg
[2014/06/14 16:57:35 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts_bak_137
[2014/06/14 14:44:57 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts_bak_681
[2014/06/14 05:54:08 | 000,010,868 | ---- | M] () -- C:\Users\Chris\Documents\cc_20140614_055402.reg
[2014/06/13 21:44:07 | 000,676,910 | ---- | M] () -- C:\Users\Chris\Desktop\BusinessCardREI_edited-4.psd
[2014/06/13 18:46:45 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts_bak_269
[2014/06/13 16:53:35 | 000,176,992 | ---- | M] () -- C:\Users\Chris\Documents\cc_20140613_165328.reg
[2014/06/13 13:44:29 | 000,802,526 | ---- | M] () -- C:\Users\Chris\Documents\cc_20140613_134417.reg
[2014/06/12 21:14:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/12 15:04:32 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLet.DAT
[2014/06/10 21:06:05 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts_bak_278
[2014/06/10 20:29:56 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts_bak_91
[2014/06/10 20:00:01 | 000,028,640 | ---- | M] (Uwe Sieber - www.uwe-sieber.de) -- C:\Windows\SysNative\DriveCleanup.exe
[2014/06/09 19:02:04 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts_bak_498
[2014/06/09 18:43:16 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-CHRIS-HP-Microsoft-Windows-7-Home-Premium-(64-bit).dat
[2014/06/07 17:06:23 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/06/06 11:27:10 | 000,015,456 | ---- | M] () -- C:\Users\Chris\Documents\cc_20140606_112706.reg
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/06/29 05:49:09 | 000,000,512 | ---- | C] () -- C:\Users\Chris\Desktop\MBR.dat
[2014/06/27 19:50:02 | 001,342,659 | ---- | C] () -- C:\Users\Chris\Desktop\AdwCleaner.exe
[2014/06/27 13:01:55 | 000,002,241 | ---- | C] () -- C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
[2014/06/26 15:21:18 | 000,001,165 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/06/26 15:21:18 | 000,001,153 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/06/22 10:46:48 | 000,002,150 | ---- | C] () -- C:\Windows\epplauncher.mif
[2014/06/21 05:36:53 | 000,550,784 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/06/18 15:45:58 | 000,002,165 | ---- | C] () -- C:\Users\Chris\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2014/06/18 13:23:23 | 000,002,010 | ---- | C] () -- C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
[2014/06/14 18:13:19 | 000,010,230 | ---- | C] () -- C:\Users\Chris\Documents\cc_20140614_181314.reg
[2014/06/14 15:53:33 | 000,001,188 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
[2014/06/14 05:54:06 | 000,010,868 | ---- | C] () -- C:\Users\Chris\Documents\cc_20140614_055402.reg
[2014/06/13 16:53:30 | 000,176,992 | ---- | C] () -- C:\Users\Chris\Documents\cc_20140613_165328.reg
[2014/06/13 13:44:23 | 000,802,526 | ---- | C] () -- C:\Users\Chris\Documents\cc_20140613_134417.reg
[2014/06/09 18:43:16 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-CHRIS-HP-Microsoft-Windows-7-Home-Premium-(64-bit).dat
[2014/06/09 16:15:36 | 000,002,853 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Install Clean Up.lnk
[2014/06/07 17:06:22 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/06/06 11:27:08 | 000,015,456 | ---- | C] () -- C:\Users\Chris\Documents\cc_20140606_112706.reg
[2013/12/11 22:02:47 | 000,000,000 | ---- | C] () -- C:\ProgramData\Nature
[2013/12/11 22:02:47 | 000,000,000 | ---- | C] () -- C:\ProgramData\Jazz
[2013/06/27 07:09:23 | 000,049,640 | ---- | C] () -- C:\Windows\SysWow64\MyDefrag.dat
[2013/06/26 13:55:34 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/04/03 17:35:03 | 001,083,149 | ---- | C] () -- C:\Users\Chris\AppData\Local\census.cache
[2013/04/03 17:35:00 | 000,112,127 | ---- | C] () -- C:\Users\Chris\AppData\Local\ars.cache
[2013/04/03 17:29:27 | 000,000,036 | ---- | C] () -- C:\Users\Chris\AppData\Local\housecall.guid.cache
[2013/02/09 21:59:03 | 000,000,268 | RH-- | C] () -- C:\Users\Chris\AppData\Roaming\MIDI Configurations
[2013/02/09 21:59:03 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Machines
[2013/02/09 21:58:42 | 000,000,268 | RH-- | C] () -- C:\ProgramData\MIDI Patch Names
[2013/02/09 21:58:42 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Mail
[2013/02/09 21:58:20 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Organs
[2013/02/09 21:58:20 | 000,000,268 | RH-- | C] () -- C:\Users\Chris\AppData\Roaming\Nature Sounds
[2013/02/09 21:58:20 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLeo.DAT
[2012/09/27 15:09:01 | 000,000,268 | RH-- | C] () -- C:\Users\Chris\AppData\Roaming\MIDI Devices
[2012/09/27 15:09:01 | 000,000,268 | RH-- | C] () -- C:\Users\Chris\AppData\Roaming\MAS
[2012/09/27 15:09:01 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2012/09/27 15:09:01 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2012/09/27 15:09:01 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2012/06/29 05:54:48 | 000,000,089 | ---- | C] () -- C:\Users\Chris\AppData\Local\msmathematics.qat.Chris
[2012/06/22 06:10:12 | 000,007,628 | ---- | C] () -- C:\Users\Chris\AppData\Local\resmon.resmoncfg

========== ZeroAccess Check ==========

[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 19:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 19:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = c:\windows\syswow64\wbem\fastprox.dll -- [2010/11/20 20:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/03/19 07:28:41 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\AnvSoft
[2013/03/10 17:16:56 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\AVICFeeds
[2014/01/04 15:49:52 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\chc
[2012/07/08 16:11:40 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2014/04/18 14:59:13 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\com.nikonimagespace.uploader
[2012/06/26 07:06:14 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Digiarty
[2014/03/09 08:57:13 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\eM Client
[2012/06/27 13:16:27 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\enchant
[2013/09/17 20:26:52 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Flexrise
[2012/12/17 10:40:23 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Flexrise.9F3FBFC56E7DF11606748B3513468A7A7FB809D1.1
[2014/03/28 12:17:26 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Leadertech
[2012/10/05 17:17:08 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Nikon
[2013/06/09 13:21:30 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Nuance
[2013/06/09 13:39:00 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Nuclear Coffee
[2012/06/28 05:18:53 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\PowerISO
[2014/06/05 14:35:37 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\QuickScan
[2012/07/17 05:49:59 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Softland
[2014/06/09 13:46:09 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\WildTangent
[2012/06/05 16:26:58 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\WinBatch
[2013/01/23 17:18:04 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Windows Live Writer
[2013/06/09 08:24:11 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Zeon

========== Purity Check ==========
 

< End of report >


  • 0

#34
ridethewave

ridethewave

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 154 posts

I'm sorry but I received an email that said you posted instructions to my last post.  The instructions don't seem to match up to my last post plus there is no post in the forum.  I just want to clearify things before I go further. 

 

This would be in regards to this question:  "The aswMBR log was saved as a *.dat file.  How would you like me to handle this?"


  • 0

#35
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts

I don't need to see the MBR.dat file. If you ran the aswMBR.exe file from the desktop it should have saved a file named aswMBR.TXT to the desktop. That's the one I need to see. If it isn't on the desktop, please do a search for it. You can do that by clicking the Start Orb, and in the Start Search box type aswmbr.txt and see if the file is found.

If the aswMBR.txt file can't be located, run the program and at the end of the scan, click the Save log button and save the aswMBR.txt file to the desktop. Post the contents of that file.


  • 0

#36
ridethewave

ridethewave

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 154 posts

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software

Run date: 2014-06-29 05:47:49

-----------------------------

05:47:49.472    OS Version: Windows x64 6.1.7601 Service Pack 1

05:47:49.472    Number of processors: 4 586 0x2A07

05:47:49.472    ComputerName: CHRIS-HP  UserName: Chris

05:47:50.518    Initialize success

05:47:50.564    VM: initialized successfully

05:47:50.564    VM: Intel CPU BiosDisabled

05:47:55.587    VM: supported disk I/O iaStor.sys

05:48:15.939    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

05:48:15.939    Disk 0 Vendor: ST1000DM HP13 Size: 953869MB BusType: 3

05:48:16.048    Disk 0 MBR read successfully

05:48:16.064    Disk 0 MBR scan

05:48:16.064    Disk 0 Windows 7 default MBR code

05:48:16.064    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048

05:48:16.079    Disk 0 default boot code

05:48:16.079    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       936710 MB offset 206848

05:48:16.110    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        17057 MB offset 1918588928

05:48:16.157    Disk 0 scanning C:\Windows\system32\drivers

05:48:22.475    Service scanning

05:48:33.426    Modules scanning

05:48:33.426    Disk 0 trace - called modules:

05:48:33.442    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll

05:48:33.442    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800a053060]

05:48:33.442    3 CLASSPNP.SYS[fffff8800140143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007b57050]

05:48:33.458    Scan finished successfully

05:49:09.338    Disk 0 MBR has been saved successfully to "C:\Users\Chris\Desktop\MBR.dat"

05:49:09.338    The log file has been saved successfully to "C:\Users\Chris\Desktop\aswMBR.txt"


  • 0

#37
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts

Thanks. I don't see anything in the aswMBR scan. And I don't see any broken services. But something is stopping System Restore from creating a restore point and MSE from installing. There are some files I want to have checked.

 

Virustotal File Upload:

To use Virustotal go  Here
Vp8Js.png

  • Click  the Choose File button in the middle of the screen. This will open a File Upload window.
  • On the File Upload window, in the File name box, type, or copy and paste the following and click Open:
    NOTE.. Only one file per scan

    C:\ProgramData\Machines
    C:\ProgramData\PKP_DLeo.DAT
    C:\ProgramData\PKP_DLev.DAT

     
  • This will put the file in the  box on the Virustotal page.
  • Click the Scan it! button.
  • IF you get  a message that the file has already been analyzed click the Reanalyze button and the file will be scanned.
  • Please be patient while the file is scanned. It may take several minutes.
  • Once the scan results appear, please copy and paste the Virustotal link(s) (URL) in your next reply
  • Repeat 1 thru 7 for each file listed.

 

Things For Your Next Post:
Please post the logs in the order requested. Please don't attach the logs unless I request it.
The URL links to the VirusTotal scans


  • 0

#38
ridethewave

ridethewave

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 154 posts

1e74c1822c41c489fb1cf083fad5563d78697dd398bed7cb7a63026e172984fb

 

55cca21f3775ed2a1729ac1856a69a3e2acc92b19502f6460353f8e2624af2af

 

d8b5f4748b5986e61702828a1e5ddd43835623c88166b45d346cfc0987a6f8e5

 

 

 

Chris


  • 0

#39
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts

I want you to cycle the Windows firewall. Click the Start Orb. In the Start Search box type firewall.cpl and press the Enter key.The Windows firewall window will open. It should say Windows Firewall is on. If it says Windows Firewall is off, click the change settings link and click Continue on the UAC warning. The Firewall settings window will open. Click the radio button beside On (recommended) and then click the Apply button.

If the firewall is already on, click the change settings link and click the radio button beside Off (not recommended), then click the Apply button. Then use the instruction above and turn the firewall back on.

Have you been having any problems download and installing Windows updates?

I'm going to look back through your other topic and see what was done with the Windows All-In-One tool. In the meantime I want to get a scan from another tool.


Fabar Recovery Scan
Step-A.
Download the Tool

  • Please click here to go to the Farbar Recovery Scan Tool download page.
  • Click the Download Now(64bit Version) button and save it to your desktop.

Step-B.
Run the Tool
Close all open Windows and browsers

  • Right click the FRST64.exe file and click Run as Administrator to run the tool.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Things For Your Next Post:
Please post the logs in the order requested. Please don't attach the logs unless I request it.
1. Let me know if the firewall got cycled successfully.
2. Let me know about the Windows updates.
3. The FRST.txt log
4. The Addition.txt log


  • 0

#40
ridethewave

ridethewave

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 154 posts

The firewall was in the on position.  I turned it off and then turned it back on like you instructed. The firewall did cycle successfully. 

No, I have not had any problems with windows updates installing.

 

 

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014

Ran by Chris (administrator) on CHRIS-HP on 01-07-2014 20:07:55

Running from C:\Users\Chris\Desktop

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

The only official download link for FRST:

Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/

Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE

(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)

HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)

HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-1450463833-1716714491-3263300153-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [717696 2010-01-16] (Microsoft Corporation)

ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.c...TF-8&gws_rd=ssl

SearchScopes: HKLM - {114DB5FA-0AFB-BB92-A75B-F44D3CE875CD} URL =

SearchScopes: HKLM-x32 - DefaultScope value is missing.

SearchScopes: HKCU - {114DB5FA-0AFB-BB92-A75B-F44D3CE875CD} URL =

SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} URL =

BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

DPF: HKLM-x32 {01012101-5E80-11D8-9E86-0007E96C65AE} http://www.comcastsu...oad/tgctlsr.cab

DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab

DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnime...veX_Control.cab

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:

========

FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\w24xywz3.default

FF Homepage: https://www.google.c...TF-8&gws_rd=ssl

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22 - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

 

Chrome:

=======

CHR HomePage: hxxp://www.google.com/webhp?sourceid=navclient&ie=UTF-8

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll No File

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll No File

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll No File

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File

CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File

CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

CHR Plugin: (Java™ Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File

CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File

CHR Extension: (No Name) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\alehnfoacogmaadlhenakdcfoinpnhhk [2013-04-05]

CHR Extension: (No Name) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\alenfoeghpdhdbpobdeeeekbhjnheijk [2013-04-05]

CHR Extension: (Google Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-11]

CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-11]

CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-11]

CHR Extension: (Google Search) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-11]

CHR Extension: (No Name) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\goncfglpmcnoeehekalaobbmkcfogfko [2013-03-23]

CHR Extension: (No Name) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-01-19]

CHR Extension: (No Name) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\oihembdpglninjghlloneejbhjcomaob [2013-03-23]

CHR Extension: (Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-11]

CHR HKCU\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Chris\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2012-06-07]

CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Chris\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2012-06-07]

==================== Services (Whitelisted) =================

S4 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)

S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]

R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]

R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]

S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [X]

S2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [X]

S2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [X]

==================== Drivers (Whitelisted) ====================

S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2012-04-09] ()

S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]

S3 keycrypt; system32\DRIVERS\KeyCrypt64.sys [X]

==================== NetSvcs (Whitelisted) ===================

 

==================== One Month Created Files and Folders ========

 

2014-07-01 20:07 - 2014-07-01 20:08 - 00015761 _____ () C:\Users\Chris\Desktop\FRST.txt

2014-07-01 20:07 - 2014-07-01 20:07 - 00000000 ____D () C:\FRST

2014-07-01 20:04 - 2014-07-01 20:04 - 02083840 _____ (Farbar) C:\Users\Chris\Desktop\FRST64.exe

2014-06-29 11:27 - 2014-06-29 11:27 - 00001779 _____ () C:\Users\Chris\Desktop\aswMBR2.txt

2014-06-29 05:59 - 2014-06-29 05:59 - 00076616 _____ () C:\Users\Chris\Desktop\OTL2.Txt

2014-06-29 05:51 - 2014-06-29 05:51 - 00002358 _____ () C:\Users\Chris\Desktop\FSS.txt

2014-06-29 05:49 - 2014-06-29 05:49 - 00001779 _____ () C:\Users\Chris\Desktop\aswMBR.txt

2014-06-29 05:49 - 2014-06-29 05:49 - 00000512 _____ () C:\Users\Chris\Desktop\MBR.dat

2014-06-29 05:43 - 2014-06-29 05:43 - 00415744 _____ (Farbar) C:\Users\Chris\Desktop\FSS.exe

2014-06-29 05:41 - 2014-06-29 05:41 - 05185536 _____ (AVAST Software) C:\Users\Chris\Desktop\aswmbr.exe

2014-06-28 12:49 - 2014-06-28 12:49 - 00010072 _____ () C:\Users\Chris\Desktop\JRT.txt

2014-06-28 12:45 - 2014-06-28 12:45 - 00000000 ____D () C:\Windows\ERUNT

2014-06-28 08:44 - 2014-06-28 08:44 - 00007896 _____ () C:\Users\Chris\Desktop\AdwCleaner[S0].txt

2014-06-28 08:29 - 2014-06-28 08:29 - 01016261 _____ (Thisisu) C:\Users\Chris\Desktop\JRT.exe

2014-06-28 08:20 - 2014-06-28 08:20 - 13829304 _____ (Microsoft Corporation) C:\Users\Chris\Downloads\mseinstall.exe

2014-06-27 19:54 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll

2014-06-27 19:51 - 2014-06-28 08:34 - 00000000 ____D () C:\AdwCleaner

2014-06-27 19:50 - 2014-06-27 19:50 - 01342659 _____ () C:\Users\Chris\Desktop\AdwCleaner.exe

2014-06-27 19:22 - 2014-06-27 19:22 - 00984576 _____ () C:\Users\Chris\Downloads\MicrosoftFixit50906.msi

2014-06-27 13:01 - 2014-06-27 13:01 - 00002241 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk

2014-06-27 13:00 - 2014-06-27 13:00 - 04057608 _____ () C:\Users\Chris\Downloads\tweaking.com_registry_backup_setup.exe

2014-06-27 09:49 - 2014-06-29 05:57 - 00076616 _____ () C:\Users\Chris\Desktop\OTL.Txt

2014-06-26 17:33 - 2014-06-26 17:33 - 00046004 _____ () C:\Users\Chris\Desktop\06262014_171524.log

2014-06-26 17:07 - 2014-06-26 17:07 - 00869456 _____ () C:\Users\Chris\Downloads\Norton_Removal_Tool.exe

2014-06-26 15:21 - 2014-06-26 15:21 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2014-06-26 15:21 - 2014-06-26 15:21 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2014-06-26 15:21 - 2014-06-26 15:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-06-26 15:21 - 2014-06-26 15:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-06-25 20:18 - 2014-06-25 20:18 - 00000000 ____D () C:\_OTL

2014-06-24 14:27 - 2014-06-24 14:27 - 00602112 _____ (OldTimer Tools) C:\Users\Chris\Desktop\OTL.exe

2014-06-22 20:41 - 2014-06-22 21:17 - 00000530 _____ () C:\Windows\DtcInstall.log

2014-06-22 10:46 - 2014-06-28 08:27 - 00002150 _____ () C:\Windows\epplauncher.mif

2014-06-22 10:43 - 2014-06-22 10:43 - 00164096 _____ () C:\Users\Chris\AppData\Local\GDIPFONTCACHEV1.DAT

2014-06-21 19:18 - 2014-06-21 20:02 - 00000000 ____D () C:\Program Files\Speccy

2014-06-21 19:18 - 2014-06-21 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy

2014-06-21 05:37 - 2014-07-01 19:49 - 00003472 _____ () C:\Windows\setupact.log

2014-06-21 05:37 - 2014-06-21 05:37 - 00000000 _____ () C:\Windows\setuperr.log

2014-06-21 05:36 - 2014-06-28 08:35 - 00810530 _____ () C:\Windows\PFRO.log

2014-06-21 05:36 - 2014-06-21 05:37 - 00550784 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-06-20 14:19 - 2014-06-20 14:35 - 00000000 ____D () C:\Users\Chris\AppData\Local\Adobe

2014-06-19 06:01 - 2014-06-19 06:01 - 00000000 ____D () C:\Program Files (x86)\Java

2014-06-18 15:45 - 2014-06-18 15:45 - 00002165 _____ () C:\Users\Chris\Desktop\Tweaking.com - Windows Repair (All in One).lnk

2014-06-18 13:27 - 2014-06-18 13:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP

2014-06-18 13:23 - 2014-06-18 16:06 - 00002010 _____ () C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk

2014-06-14 18:22 - 2014-07-01 19:52 - 01201701 _____ () C:\Windows\WindowsUpdate.log

2014-06-14 18:13 - 2014-06-14 18:13 - 00010230 _____ () C:\Users\Chris\Documents\cc_20140614_181314.reg

2014-06-14 17:11 - 2014-06-27 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com

2014-06-14 15:53 - 2014-06-18 13:27 - 00001188 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk

2014-06-14 15:53 - 2014-06-18 13:27 - 00000000 ____D () C:\Program Files (x86)\Hp

2014-06-14 15:53 - 2014-06-14 16:01 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\HpUpdate

2014-06-14 15:52 - 2014-06-14 17:25 - 00164096 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT

2014-06-14 15:52 - 2014-06-14 15:52 - 00000000 ____D () C:\Users\Administrator\AppData\Local\HP

2014-06-14 15:42 - 2014-06-14 15:43 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F8EADB24-C07A-4B41-A272-50B9A7174CE0}

2014-06-14 15:42 - 2014-06-14 15:42 - 00001415 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-06-14 15:42 - 2014-06-14 15:42 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini

2014-06-14 15:42 - 2014-06-14 15:42 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieUserList

2014-06-14 15:42 - 2014-06-14 15:42 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieSiteList

2014-06-14 15:42 - 2014-06-14 15:42 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Apple Computer

2014-06-14 15:42 - 2014-06-14 15:42 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe

2014-06-14 15:42 - 2014-06-14 15:42 - 00000000 ____D () C:\Users\Administrator

2014-06-14 15:42 - 2012-07-08 14:53 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia

2014-06-14 15:42 - 2012-04-09 18:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Hewlett-Packard

2014-06-14 15:42 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-06-14 15:42 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-06-14 08:37 - 2014-06-26 17:33 - 00000000 ____D () C:\Users\Chris\Desktop\FixPrinterProblems

2014-06-14 08:36 - 2014-06-14 08:37 - 00000000 ____D () C:\Users\Chris\Desktop\Stuff

2014-06-14 05:54 - 2014-06-14 05:54 - 00010868 _____ () C:\Users\Chris\Documents\cc_20140614_055402.reg

2014-06-13 16:53 - 2014-06-13 16:53 - 00176992 _____ () C:\Users\Chris\Documents\cc_20140613_165328.reg

2014-06-13 13:44 - 2014-06-13 13:44 - 00802526 _____ () C:\Users\Chris\Documents\cc_20140613_134417.reg

2014-06-12 17:27 - 2014-06-12 17:27 - 00000000 ____D () C:\Windows\system32\x64

2014-06-11 15:08 - 2013-11-13 20:41 - 00439296 _____ (Sendori) C:\Windows\system32\plsapp64.dll

2014-06-11 15:07 - 2014-06-11 15:07 - 00000000 ____D () C:\Users\Chris\Documents\DVDVideoSoft

2014-06-11 14:55 - 2014-06-11 15:12 - 00000000 ____D () C:\Users\Chris\Desktop\Trista

2014-06-10 19:31 - 2014-06-10 19:31 - 00000000 ____D () C:\Windows\system\x64

2014-06-10 15:05 - 2014-05-30 03:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-06-10 15:05 - 2014-05-30 03:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-06-10 15:05 - 2014-05-30 03:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-06-10 15:05 - 2014-05-30 02:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-06-10 15:05 - 2014-05-30 02:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-06-10 15:05 - 2014-05-30 02:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-06-10 15:05 - 2014-05-30 02:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-06-10 15:05 - 2014-05-30 02:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-06-10 15:05 - 2014-05-30 02:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-06-10 15:05 - 2014-05-30 02:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-06-10 15:05 - 2014-05-30 02:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-06-10 15:05 - 2014-05-30 02:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-06-10 15:05 - 2014-05-30 02:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-06-10 15:05 - 2014-05-30 02:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-06-10 15:05 - 2014-05-30 02:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-06-10 15:05 - 2014-05-30 02:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-06-10 15:05 - 2014-05-30 02:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-06-10 15:05 - 2014-05-30 02:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-06-10 15:05 - 2014-05-30 01:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-06-10 15:05 - 2014-05-30 01:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-06-10 15:05 - 2014-05-30 01:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-06-10 15:05 - 2014-05-30 01:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-06-10 15:05 - 2014-05-30 01:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-06-10 15:05 - 2014-05-30 01:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-06-10 15:05 - 2014-05-30 01:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-06-10 15:05 - 2014-05-30 01:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-06-10 15:05 - 2014-05-30 01:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-06-10 15:05 - 2014-05-30 01:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-06-10 15:05 - 2014-05-30 01:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-06-10 15:05 - 2014-05-30 01:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-06-10 15:05 - 2014-05-30 01:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-06-10 15:05 - 2014-05-30 01:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-06-10 15:05 - 2014-05-30 01:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-06-10 15:05 - 2014-05-30 01:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-06-10 15:05 - 2014-05-30 01:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-06-10 15:05 - 2014-05-30 01:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-06-10 15:05 - 2014-05-30 01:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-06-10 15:05 - 2014-05-30 01:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-06-10 15:05 - 2014-05-30 01:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-06-10 15:05 - 2014-05-30 01:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-06-10 15:05 - 2014-05-30 00:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-06-10 15:05 - 2014-05-30 00:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-06-10 15:05 - 2014-05-30 00:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-06-10 15:05 - 2014-05-30 00:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-06-10 15:05 - 2014-05-30 00:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-06-10 15:05 - 2014-05-30 00:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-06-10 15:05 - 2014-05-30 00:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-06-10 15:05 - 2014-05-30 00:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-06-10 15:05 - 2014-05-30 00:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-06-10 15:05 - 2014-05-30 00:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-06-10 15:05 - 2014-05-30 00:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-06-10 15:05 - 2014-05-30 00:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-06-10 15:05 - 2014-05-08 02:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll

2014-06-10 15:05 - 2014-05-08 02:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll

2014-06-10 15:05 - 2014-04-24 19:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2014-06-10 15:05 - 2014-04-24 19:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll

2014-06-10 15:05 - 2014-04-04 19:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-06-10 15:05 - 2014-04-04 19:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS

2014-06-10 15:05 - 2014-03-26 07:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2014-06-10 15:05 - 2014-03-26 07:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-06-10 15:05 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll

2014-06-10 15:05 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2014-06-10 15:05 - 2014-03-26 07:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2014-06-10 15:05 - 2014-03-26 07:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2014-06-10 15:05 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll

2014-06-10 15:05 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2014-06-10 15:03 - 2014-06-08 02:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-06-10 15:03 - 2014-06-08 02:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-06-09 18:43 - 2014-06-09 18:43 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-CHRIS-HP-Microsoft-Windows-7-Home-Premium-(64-bit).dat

2014-06-09 18:22 - 2014-06-09 18:22 - 00000000 ____D () C:\RegBackup

2014-06-09 16:15 - 2014-06-09 16:15 - 00002853 _____ () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Install Clean Up.lnk

2014-06-09 16:15 - 2014-06-09 16:15 - 00000000 ____D () C:\Program Files (x86)\Windows Installer Clean Up

2014-06-09 15:58 - 2014-06-09 15:58 - 00003114 _____ () C:\Windows\System32\Tasks\{7D73A77F-DAEA-4CD3-969D-587189C20EFD}

2014-06-09 15:57 - 2014-06-27 13:01 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com

2014-06-09 15:55 - 2014-06-09 15:55 - 00003122 _____ () C:\Windows\System32\Tasks\{1B7F1A52-435A-4BD2-874A-05BAC60F7957}

2014-06-09 15:50 - 2014-06-09 15:50 - 00003258 _____ () C:\Windows\System32\Tasks\{694C7399-C982-4166-A429-2C3322D5744B}

2014-06-08 20:46 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPM5C12.dll

2014-06-08 17:22 - 2014-06-08 17:22 - 00003202 _____ () C:\Windows\System32\Tasks\{2E39FA7E-8890-4146-A625-607D0835C39D}

2014-06-08 16:15 - 2014-06-08 16:15 - 00003284 _____ () C:\Windows\System32\Tasks\{1E74F0C9-1847-4752-98F5-3B5F27DF74B8}

2014-06-08 16:03 - 2014-06-11 21:51 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group

2014-06-07 17:06 - 2014-06-07 17:06 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk

2014-06-07 17:06 - 2014-06-07 17:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-06-07 17:06 - 2014-06-07 17:06 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-06-07 17:06 - 2014-06-07 17:06 - 00000000 ____D () C:\Program Files\iTunes

2014-06-07 17:06 - 2014-06-07 17:06 - 00000000 ____D () C:\Program Files\iPod

2014-06-07 17:06 - 2014-06-07 17:06 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-06-06 11:27 - 2014-06-06 11:27 - 00015456 _____ () C:\Users\Chris\Documents\cc_20140606_112706.reg

2014-06-05 14:35 - 2014-06-05 14:35 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\QuickScan

2014-06-05 14:34 - 2014-06-05 14:38 - 00000000 ____D () C:\ProgramData\SmartPCScan

2014-06-05 13:50 - 2014-06-20 20:34 - 00002968 _____ () C:\Windows\System32\Tasks\{97432810-5311-4EE6-96E1-86641E7E32F7}

2014-06-04 21:59 - 2014-06-04 21:59 - 00003248 _____ () C:\Windows\System32\Tasks\{09531749-24A0-43E1-A648-F533BE0B5654}

2014-06-04 21:55 - 2014-06-04 21:55 - 03201610 _____ (Igor Pavlov) C:\Users\Chris\Downloads\PC_BHSCamSetupTool_Setup_1.0.14.alpha (2)(1).exe

2014-06-04 21:50 - 2014-06-04 21:57 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrickHouse

2014-06-04 21:50 - 2014-06-04 21:50 - 00000000 ____D () C:\Program Files (x86)\BrickHouse

2014-06-04 21:49 - 2014-06-04 21:49 - 03201610 _____ (Igor Pavlov) C:\Users\Chris\Downloads\PC_BHSCamSetupTool_Setup_1.0.14.alpha (2).exe

 

==================== One Month Modified Files and Folders =======

 

2014-07-01 20:08 - 2014-07-01 20:07 - 00015761 _____ () C:\Users\Chris\Desktop\FRST.txt

2014-07-01 20:07 - 2014-07-01 20:07 - 00000000 ____D () C:\FRST

2014-07-01 20:04 - 2014-07-01 20:04 - 02083840 _____ (Farbar) C:\Users\Chris\Desktop\FRST64.exe

2014-07-01 19:54 - 2009-07-13 21:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-07-01 19:54 - 2009-07-13 21:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-07-01 19:53 - 2009-07-13 22:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-07-01 19:52 - 2014-06-14 18:22 - 01201701 _____ () C:\Windows\WindowsUpdate.log

2014-07-01 19:49 - 2014-06-21 05:37 - 00003472 _____ () C:\Windows\setupact.log

2014-07-01 19:49 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-06-29 11:27 - 2014-06-29 11:27 - 00001779 _____ () C:\Users\Chris\Desktop\aswMBR2.txt

2014-06-29 05:59 - 2014-06-29 05:59 - 00076616 _____ () C:\Users\Chris\Desktop\OTL2.Txt

2014-06-29 05:57 - 2014-06-27 09:49 - 00076616 _____ () C:\Users\Chris\Desktop\OTL.Txt

2014-06-29 05:51 - 2014-06-29 05:51 - 00002358 _____ () C:\Users\Chris\Desktop\FSS.txt

2014-06-29 05:49 - 2014-06-29 05:49 - 00001779 _____ () C:\Users\Chris\Desktop\aswMBR.txt

2014-06-29 05:49 - 2014-06-29 05:49 - 00000512 _____ () C:\Users\Chris\Desktop\MBR.dat

2014-06-29 05:43 - 2014-06-29 05:43 - 00415744 _____ (Farbar) C:\Users\Chris\Desktop\FSS.exe

2014-06-29 05:42 - 2012-06-05 16:21 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\HpUpdate

2014-06-29 05:41 - 2014-06-29 05:41 - 05185536 _____ (AVAST Software) C:\Users\Chris\Desktop\aswmbr.exe

2014-06-28 12:49 - 2014-06-28 12:49 - 00010072 _____ () C:\Users\Chris\Desktop\JRT.txt

2014-06-28 12:45 - 2014-06-28 12:45 - 00000000 ____D () C:\Windows\ERUNT

2014-06-28 08:44 - 2014-06-28 08:44 - 00007896 _____ () C:\Users\Chris\Desktop\AdwCleaner[S0].txt

2014-06-28 08:35 - 2014-06-21 05:36 - 00810530 _____ () C:\Windows\PFRO.log

2014-06-28 08:34 - 2014-06-27 19:51 - 00000000 ____D () C:\AdwCleaner

2014-06-28 08:29 - 2014-06-28 08:29 - 01016261 _____ (Thisisu) C:\Users\Chris\Desktop\JRT.exe

2014-06-28 08:27 - 2014-06-22 10:46 - 00002150 _____ () C:\Windows\epplauncher.mif

2014-06-28 08:20 - 2014-06-28 08:20 - 13829304 _____ (Microsoft Corporation) C:\Users\Chris\Downloads\mseinstall.exe

2014-06-27 19:50 - 2014-06-27 19:50 - 01342659 _____ () C:\Users\Chris\Desktop\AdwCleaner.exe

2014-06-27 19:22 - 2014-06-27 19:22 - 00984576 _____ () C:\Users\Chris\Downloads\MicrosoftFixit50906.msi

2014-06-27 13:01 - 2014-06-27 13:01 - 00002241 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk

2014-06-27 13:01 - 2014-06-14 17:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com

2014-06-27 13:01 - 2014-06-09 15:57 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com

2014-06-27 13:00 - 2014-06-27 13:00 - 04057608 _____ () C:\Users\Chris\Downloads\tweaking.com_registry_backup_setup.exe

2014-06-26 17:33 - 2014-06-26 17:33 - 00046004 _____ () C:\Users\Chris\Desktop\06262014_171524.log

2014-06-26 17:33 - 2014-06-14 08:37 - 00000000 ____D () C:\Users\Chris\Desktop\FixPrinterProblems

2014-06-26 17:08 - 2012-04-09 18:35 - 00000000 ____D () C:\ProgramData\Norton

2014-06-26 17:07 - 2014-06-26 17:07 - 00869456 _____ () C:\Users\Chris\Downloads\Norton_Removal_Tool.exe

2014-06-26 15:21 - 2014-06-26 15:21 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2014-06-26 15:21 - 2014-06-26 15:21 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2014-06-26 15:21 - 2014-06-26 15:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-06-26 15:21 - 2014-06-26 15:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-06-26 15:21 - 2012-06-28 05:29 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Mozilla

2014-06-25 20:18 - 2014-06-25 20:18 - 00000000 ____D () C:\_OTL

2014-06-25 09:55 - 2012-06-25 14:54 - 00000000 ____D () C:\Users\Chris\AppData\Local\CrashDumps

2014-06-24 14:27 - 2014-06-24 14:27 - 00602112 _____ (OldTimer Tools) C:\Users\Chris\Desktop\OTL.exe

2014-06-23 14:42 - 2013-03-15 09:15 - 00000000 ____D () C:\Users\Chris\Documents\Life's Lessons

2014-06-22 21:17 - 2014-06-22 20:41 - 00000530 _____ () C:\Windows\DtcInstall.log

2014-06-22 20:41 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\registration

2014-06-22 13:57 - 2013-10-25 19:34 - 00000000 ____D () C:\Users\Chris\Documents\resignation letter

2014-06-22 11:41 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache

2014-06-22 10:43 - 2014-06-22 10:43 - 00164096 _____ () C:\Users\Chris\AppData\Local\GDIPFONTCACHEV1.DAT

2014-06-21 20:02 - 2014-06-21 19:18 - 00000000 ____D () C:\Program Files\Speccy

2014-06-21 19:18 - 2014-06-21 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy

2014-06-21 05:37 - 2014-06-21 05:37 - 00000000 _____ () C:\Windows\setuperr.log

2014-06-21 05:37 - 2014-06-21 05:36 - 00550784 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-06-20 20:35 - 2014-05-26 13:38 - 00002968 _____ () C:\Windows\System32\Tasks\{B3C0DD34-795F-4777-AD0F-440607107F00}

2014-06-20 20:34 - 2014-06-05 13:50 - 00002968 _____ () C:\Windows\System32\Tasks\{97432810-5311-4EE6-96E1-86641E7E32F7}

2014-06-20 16:00 - 2012-09-06 20:18 - 00000000 ____D () C:\Users\Chris\Documents\CCW

2014-06-20 14:35 - 2014-06-20 14:19 - 00000000 ____D () C:\Users\Chris\AppData\Local\Adobe

2014-06-20 14:19 - 2012-06-08 06:30 - 00000000 ____D () C:\Program Files\Google

2014-06-20 14:19 - 2012-06-08 06:30 - 00000000 ____D () C:\Program Files (x86)\Google

2014-06-20 14:19 - 2009-07-13 22:08 - 00032606 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-06-20 12:46 - 2012-06-08 06:30 - 00000000 ____D () C:\Users\Chris\AppData\Local\Google

2014-06-19 06:01 - 2014-06-19 06:01 - 00000000 ____D () C:\Program Files (x86)\Java

2014-06-18 16:06 - 2014-06-18 13:23 - 00002010 _____ () C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk

2014-06-18 16:00 - 2009-07-13 19:34 - 00000549 _____ () C:\Windows\win.ini

2014-06-18 15:58 - 2011-02-11 10:15 - 00782470 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

2014-06-18 15:45 - 2014-06-18 15:45 - 00002165 _____ () C:\Users\Chris\Desktop\Tweaking.com - Windows Repair (All in One).lnk

2014-06-18 13:27 - 2014-06-18 13:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP

2014-06-18 13:27 - 2014-06-14 15:53 - 00001188 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk

2014-06-18 13:27 - 2014-06-14 15:53 - 00000000 ____D () C:\Program Files (x86)\Hp

2014-06-14 20:20 - 2012-06-24 12:20 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\U3

2014-06-14 18:13 - 2014-06-14 18:13 - 00010230 _____ () C:\Users\Chris\Documents\cc_20140614_181314.reg

2014-06-14 17:25 - 2014-06-14 15:52 - 00164096 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT

2014-06-14 16:57 - 2009-07-13 19:34 - 00000855 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_137

2014-06-14 16:01 - 2014-06-14 15:53 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\HpUpdate

2014-06-14 15:52 - 2014-06-14 15:52 - 00000000 ____D () C:\Users\Administrator\AppData\Local\HP

2014-06-14 15:43 - 2014-06-14 15:42 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F8EADB24-C07A-4B41-A272-50B9A7174CE0}

2014-06-14 15:42 - 2014-06-14 15:42 - 00001415 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-06-14 15:42 - 2014-06-14 15:42 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini

2014-06-14 15:42 - 2014-06-14 15:42 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieUserList

2014-06-14 15:42 - 2014-06-14 15:42 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieSiteList

2014-06-14 15:42 - 2014-06-14 15:42 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Apple Computer

2014-06-14 15:42 - 2014-06-14 15:42 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe

2014-06-14 15:42 - 2014-06-14 15:42 - 00000000 ____D () C:\Users\Administrator

2014-06-14 15:42 - 2009-07-13 21:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2014-06-14 14:44 - 2009-07-13 19:34 - 00000855 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_681

2014-06-14 08:37 - 2014-06-14 08:36 - 00000000 ____D () C:\Users\Chris\Desktop\Stuff

2014-06-14 05:54 - 2014-06-14 05:54 - 00010868 _____ () C:\Users\Chris\Documents\cc_20140614_055402.reg

2014-06-13 21:44 - 2014-01-11 20:14 - 00676910 _____ () C:\Users\Chris\Desktop\BusinessCardREI_edited-4.psd

2014-06-13 18:46 - 2009-07-13 19:34 - 00000855 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_269

2014-06-13 16:53 - 2014-06-13 16:53 - 00176992 _____ () C:\Users\Chris\Documents\cc_20140613_165328.reg

2014-06-13 13:44 - 2014-06-13 13:44 - 00802526 _____ () C:\Users\Chris\Documents\cc_20140613_134417.reg

2014-06-12 21:14 - 2013-06-29 06:40 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-06-12 17:27 - 2014-06-12 17:27 - 00000000 ____D () C:\Windows\system32\x64

2014-06-12 15:04 - 2012-09-27 15:09 - 00000020 ____H () C:\ProgramData\PKP_DLet.DAT

2014-06-11 22:37 - 2012-06-27 07:11 - 00035450 _____ () C:\ProgramData\hpzinstall.log

2014-06-11 21:56 - 2012-06-04 12:27 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E4A1004B-B699-446C-81E9-7B1306D4AF56}

2014-06-11 21:51 - 2014-06-08 16:03 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group

2014-06-11 21:48 - 2012-06-28 06:36 - 00000000 ____D () C:\Program Files (x86)\MSECache

2014-06-11 16:39 - 2012-06-04 12:20 - 00000000 ____D () C:\Users\Chris

2014-06-11 15:12 - 2014-06-11 14:55 - 00000000 ____D () C:\Users\Chris\Desktop\Trista

2014-06-11 15:07 - 2014-06-11 15:07 - 00000000 ____D () C:\Users\Chris\Documents\DVDVideoSoft

2014-06-10 21:06 - 2009-07-13 19:34 - 00000855 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_278

2014-06-10 20:29 - 2009-07-13 19:34 - 00000855 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_91

2014-06-10 20:00 - 2011-09-20 19:37 - 00028640 _____ (Uwe Sieber - www.uwe-sieber.de) C:\Windows\system32\DriveCleanup.exe

2014-06-10 19:37 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system

2014-06-10 19:31 - 2014-06-10 19:31 - 00000000 ____D () C:\Windows\system\x64

2014-06-10 19:14 - 2013-08-14 07:04 - 00000000 ____D () C:\Windows\system32\MRT

2014-06-10 19:13 - 2012-06-04 21:51 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-06-10 15:36 - 2012-06-28 06:03 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-06-10 15:35 - 2014-05-07 09:49 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-06-09 19:02 - 2009-07-13 19:34 - 00000855 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_498

2014-06-09 18:43 - 2014-06-09 18:43 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-CHRIS-HP-Microsoft-Windows-7-Home-Premium-(64-bit).dat

2014-06-09 18:22 - 2014-06-09 18:22 - 00000000 ____D () C:\RegBackup

2014-06-09 17:28 - 2012-04-09 18:18 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support

2014-06-09 17:28 - 2012-04-09 18:17 - 00000000 ____D () C:\ProgramData\Hewlett-Packard

2014-06-09 17:26 - 2012-06-04 12:27 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Hewlett-Packard

2014-06-09 16:15 - 2014-06-09 16:15 - 00002853 _____ () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Install Clean Up.lnk

2014-06-09 16:15 - 2014-06-09 16:15 - 00000000 ____D () C:\Program Files (x86)\Windows Installer Clean Up

2014-06-09 15:58 - 2014-06-09 15:58 - 00003114 _____ () C:\Windows\System32\Tasks\{7D73A77F-DAEA-4CD3-969D-587189C20EFD}

2014-06-09 15:55 - 2014-06-09 15:55 - 00003122 _____ () C:\Windows\System32\Tasks\{1B7F1A52-435A-4BD2-874A-05BAC60F7957}

2014-06-09 15:50 - 2014-06-09 15:50 - 00003258 _____ () C:\Windows\System32\Tasks\{694C7399-C982-4166-A429-2C3322D5744B}

2014-06-09 13:59 - 2012-04-09 18:17 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard

2014-06-09 13:56 - 2012-04-09 18:24 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools

2014-06-09 13:46 - 2012-06-07 06:50 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\WildTangent

2014-06-09 13:46 - 2012-04-09 18:26 - 00000000 ____D () C:\ProgramData\WildTangent

2014-06-09 13:46 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2014-06-09 13:41 - 2012-06-04 13:00 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat

2014-06-08 20:43 - 2012-06-27 07:03 - 00000000 ____D () C:\ProgramData\HP

2014-06-08 20:10 - 2012-06-22 05:56 - 00000000 ____D () C:\Program Files\MyDefrag v4.3.1

2014-06-08 17:22 - 2014-06-08 17:22 - 00003202 _____ () C:\Windows\System32\Tasks\{2E39FA7E-8890-4146-A625-607D0835C39D}

2014-06-08 16:15 - 2014-06-08 16:15 - 00003284 _____ () C:\Windows\System32\Tasks\{1E74F0C9-1847-4752-98F5-3B5F27DF74B8}

2014-06-08 12:13 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF

2014-06-08 02:13 - 2014-06-10 15:03 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-06-08 02:08 - 2014-06-10 15:03 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-06-07 17:06 - 2014-06-07 17:06 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk

2014-06-07 17:06 - 2014-06-07 17:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-06-07 17:06 - 2014-06-07 17:06 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-06-07 17:06 - 2014-06-07 17:06 - 00000000 ____D () C:\Program Files\iTunes

2014-06-07 17:06 - 2014-06-07 17:06 - 00000000 ____D () C:\Program Files\iPod

2014-06-07 17:06 - 2014-06-07 17:06 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-06-06 11:27 - 2014-06-06 11:27 - 00015456 _____ () C:\Users\Chris\Documents\cc_20140606_112706.reg

2014-06-05 14:38 - 2014-06-05 14:34 - 00000000 ____D () C:\ProgramData\SmartPCScan

2014-06-05 14:35 - 2014-06-05 14:35 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\QuickScan

2014-06-04 21:59 - 2014-06-04 21:59 - 00003248 _____ () C:\Windows\System32\Tasks\{09531749-24A0-43E1-A648-F533BE0B5654}

2014-06-04 21:57 - 2014-06-04 21:50 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrickHouse

2014-06-04 21:55 - 2014-06-04 21:55 - 03201610 _____ (Igor Pavlov) C:\Users\Chris\Downloads\PC_BHSCamSetupTool_Setup_1.0.14.alpha (2)(1).exe

2014-06-04 21:50 - 2014-06-04 21:50 - 00000000 ____D () C:\Program Files (x86)\BrickHouse

2014-06-04 21:49 - 2014-06-04 21:49 - 03201610 _____ (Igor Pavlov) C:\Users\Chris\Downloads\PC_BHSCamSetupTool_Setup_1.0.14.alpha (2).exe

 

Files to move or delete:

====================

C:\ProgramData\PKP_DLeo.DAT

C:\ProgramData\PKP_DLes.DAT

C:\ProgramData\PKP_DLet.DAT

C:\ProgramData\PKP_DLev.DAT

 

Some content of TEMP:

====================

C:\Users\Chris\AppData\Local\Temp\Quarantine.exe

 

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

LastRegBack: 2014-06-08 19:37

==================== End Of Log ============================

 

 

 

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014

Ran by Chris at 2014-07-01 20:08:40

Running from C:\Users\Chris\Desktop

Boot Mode: Normal

==========================================================

 

==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden

6400_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden

Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)

Adobe Community Help (x32 Version: 3.5.23 - Adobe Systems Incorporated.) Hidden

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)

Adobe Photoshop Elements 10 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden

Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)

Adobe Photoshop.com Inspiration Browser (x32 Version: 3.07 - Adobe Systems Incorporated) Hidden

Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)

Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

AVIC FEEDS (HKLM-x32\...\{1D8BBD52-90D4-4B20-8C4C-2160C21A07DE}) (Version: 2.04.0000 - PIONEER CORPORATION)

BHS Cam Setup Tool (HKLM-x32\...\{FCEE0D0B-FF8D-4552-A6C5-67ECE0F82EF9}) (Version: 1.0.11 - BrickHouse Security)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden

BPDSoftware (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden

BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

Bubble Wrap (HKLM-x32\...\{5BFFDDEB-AFD7-499F-BB13-7A6EAD927CDA}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)

BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)

DesignPro 5 (HKLM-x32\...\InstallShield_{C8F04EF6-C4DB-4D86-8D86-32E7DBDA8595}) (Version: 5.5.708 - Avery Dennison)

DesignPro 5 (x32 Version: 5.5.708 - Avery Dennison) Hidden

Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden

DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden

DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden

Distortion Control Data (HKLM-x32\...\{B08B4896-886C-4644-8664-BBA4CE99D318}) (Version: 1.00.0000 - Nikon)

DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden

doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version:  - Softland)

Elements 10 Organizer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden

Facebook (HKLM-x32\...\{8AE50893-3A87-4439-9A57-942ED43F7189}) (Version: 1.1.0004 - Hewlett-Packard)

Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden

GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden

HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden

HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden

HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden

HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)

HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)

HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)

HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.12.1.0 - Hewlett-Packard)

HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden

HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden

HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden

I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)

Intel® Identity Protection Technology 1.2.22.0 (HKLM-x32\...\{387B63A5-5016-1015-B06B-A9A1030E3125}) (Version: 1.2.22.0 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)

Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )

iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)

J6400 (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden

Metric Converter (HKLM-x32\...\{D0661463-50F7-4A1E-83CB-37CC590589AE}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Camera Codec Pack (HKLM\...\{A6A4A258-0A48-4F76-B8F1-61F0514594DD}) (Version: 16.4.1970.0624 - Microsoft Corporation)

Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)

Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)

Network64 (Version: 130.0.579.000 - Hewlett-Packard) Hidden

Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden

NIKON IMAGE SPACE UPLOADER (HKLM-x32\...\com.nikonimagespace.uploader) (Version: 1.1 - NIKON CORPORATION)

NIKON IMAGE SPACE UPLOADER (x32 Version: 1.1 - NIKON CORPORATION) Hidden

Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)

Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.8.0 - Nikon)

opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden

Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.2 - Nikon)

Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.15 - Nikon)

PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)

PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)

ProductContext (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden

PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden

QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)

Ralink 802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 4.0.3.0 - Ralink)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6531 - Realtek Semiconductor Corp.)

Recovery Manager (x32 Version: 5.5.0.4424 - CyberLink Corp.) Hidden

Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)

Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden

SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden

SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden

Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)

Spot (HKLM-x32\...\{3D171340-B528-42E0-92E4-BDA7AEEF6F32}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)

Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden

Tap Tap Bear (HKLM-x32\...\{A393CDFF-BEB8-48EA-990D-2EB35B311D23}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)

The Photographer's Ephemeris (HKLM-x32\...\Flexrise.9F3FBFC56E7DF11606748B3513468A7A7FB809D1.1) (Version: 1.1.1 - UNKNOWN)

The Photographer's Ephemeris (x32 Version: 1.1.1 - UNKNOWN) Hidden

Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden

TOPO! (HKLM-x32\...\TOPO!) (Version:  - )

TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden

TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden

Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.9.0 - Tweaking.com)

Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.7.5 - Tweaking.com)

Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)

ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.8.2 - Nikon)

WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden

Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

10-06-2014 22:35:10 Windows Update

11-06-2014 02:11:52 Windows Update

11-06-2014 03:15:18 Tweaking.com - Windows Repair

11-06-2014 04:29:08 Tweaking.com - Windows Repair

11-06-2014 21:29:33 Windows Update

11-06-2014 22:44:12 Windows Update

11-06-2014 23:32:44 Restore Operation

11-06-2014 23:42:24 Windows Update

12-06-2014 00:03:06 Windows Update

12-06-2014 00:12:09 Windows Update

12-06-2014 11:43:41 Windows Update

12-06-2014 11:59:11 Windows Update

12-06-2014 17:35:08 Windows Update

12-06-2014 17:50:04 Windows Update

12-06-2014 21:46:13 HP PrinterRestorePoint

13-06-2014 00:10:03 Windows Update

13-06-2014 00:34:42 Windows Update

13-06-2014 02:04:11 Windows Update

15-06-2014 02:41:12 Windows Update

16-06-2014 02:43:21 Revo Uninstaller's restore point - HP Update

16-06-2014 02:43:36 Removed HP Update.

16-06-2014 02:48:00 Revo Uninstaller's restore point - I.R.I.S. OCR

16-06-2014 02:57:11 Revo Uninstaller's restore point - Constant Guard Protection Suite

01-07-2014 18:22:17 Windows Update

 

==================== Hosts content: ==========================

 

2009-07-13 19:34 - 2014-06-18 16:00 - 00000855 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {081D85C4-61D7-420F-82D1-36F3411B1D8F} - System32\Tasks\{B52BEB5C-2FC3-4B96-B4E0-5AE7CEBCC3B3} => C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe

Task: {4227EFE6-9C91-4DE2-A723-F3897E2AC0EF} - System32\Tasks\MyDefrag v4.3.1 Daily => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticDaily.MyD [2010-05-21] ()

Task: {45D64AE2-2823-4EB0-B07D-7228FF811ABB} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1450463833-1716714491-3263300153-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe

Task: {4A0B4348-4F51-46B5-B5EE-0AE95217DA9F} - System32\Tasks\MyDefrag v4.3.1 Monthly => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticMonthly.MyD [2010-05-21] ()

Task: {603B6948-E6BD-432F-A534-49A444BF126C} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1450463833-1716714491-3263300153-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe

Task: {658AAE00-3781-4125-AD54-CFECBFE68505} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1450463833-1716714491-3263300153-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe

Task: {6D3F0645-88CF-4366-87BB-C31333FB2E11} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1450463833-1716714491-3263300153-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe

Task: {6D83C2BC-A150-46E9-BEF2-6F875338D4E9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)

Task: {723332FF-5CD1-4121-AE6E-A7EB91D940E6} - System32\Tasks\SlimCleaner Run => C:\Program Files (x86)\SlimCleaner\SlimCleaner.exe

Task: {7E90A33F-1487-4915-99FE-933A8631434A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {98538E45-B09A-4834-92B3-4D23556085B5} - System32\Tasks\AdobeAAMUpdater-1.0-Chris-HP-Chris => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)

Task: {99B553A4-F89F-447D-8580-89AE566F69C3} - System32\Tasks\{B3C0DD34-795F-4777-AD0F-440607107F00} => Firefox.exe

Task: {A1BB7784-E499-4A93-8074-11F260A77917} - \BackgroundContainer Startup Task No Task File <==== ATTENTION

Task: {AA3F1593-8ACF-4A8D-93D8-3541569F5B1D} - System32\Tasks\{97432810-5311-4EE6-96E1-86641E7E32F7} => Firefox.exe

Task: {DFFE0736-3EE7-4535-833D-6A544E9B1A33} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

Task: {F0923105-2EE0-49DD-B70A-776DA3824A24} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1450463833-1716714491-3263300153-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe

Task: {F278E6DC-919A-4428-9275-6503A655CE95} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe

Task: {F3EF2F31-B355-4FBE-B8F0-E84F1CFED2A5} - \BrowserSafeguard Update Task No Task File <==== ATTENTION

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF

2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2012-04-09 18:10 - 2011-09-19 00:50 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========

 

==================== Safe Mode (whitelisted) ===================

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="%Service%"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="%Service%"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\plsapp => ""="service"

 

==================== EXE Association (whitelisted) =============

 

==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\Services: AdobeActiveFileMonitor10.0 => 2

MSCONFIG\Services: AdobeARMservice => 2

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3

MSCONFIG\Services: Apple Mobile Device => 2

MSCONFIG\Services: Bonjour Service => 2

MSCONFIG\Services: cphs => 3

MSCONFIG\Services: DatamngrCoordinator => 2

MSCONFIG\Services: gupdate => 2

MSCONFIG\Services: gupdatem => 3

MSCONFIG\Services: gusvc => 3

MSCONFIG\Services: HPClientSvc => 2

MSCONFIG\Services: IDriverT => 3

MSCONFIG\Services: iPod Service => 3

MSCONFIG\Services: jhi_service => 2

MSCONFIG\Services: LMS => 2

MSCONFIG\Services: UNS => 2

MSCONFIG\Services: VIPAppService => 2

==================== Faulty Device Manager Devices =============

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid:

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid:

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: AntiLog32

Description: AntiLog32

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer:

Service: AntiLog32

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid:

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Officejet 6700

Description: HP Officejet 6700

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:

Description:

Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

 

==================== Event log errors: =========================

 

Application errors:

==================

System errors:

=============

Error: (07/01/2014 07:51:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The HP Network Devices Support service terminated with the following error:

%%126

Error: (07/01/2014 07:49:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The HP CUE DeviceDiscovery Service service terminated with the following error:

%%126

Error: (07/01/2014 07:49:22 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT AUTHORITY)

Description: Task Scheduler service failed to load tasks at service startup. Additional Data: Error Value: 2147942402.

 

Error: (07/01/2014 03:51:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The HP Network Devices Support service terminated with the following error:

%%126

 

Error: (07/01/2014 03:49:42 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT AUTHORITY)

Description: Task Scheduler service failed to load tasks at service startup. Additional Data: Error Value: 2147942402.

Error: (07/01/2014 03:49:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The HP CUE DeviceDiscovery Service service terminated with the following error:

%%126

Error: (07/01/2014 02:55:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The HP Network Devices Support service terminated with the following error:

%%126

Error: (07/01/2014 02:53:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The HP CUE DeviceDiscovery Service service terminated with the following error:

%%126

Error: (07/01/2014 02:53:32 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT AUTHORITY)

Description: Task Scheduler service failed to load tasks at service startup. Additional Data: Error Value: 2147942402.

 

Error: (07/01/2014 01:57:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The HP Network Devices Support service terminated with the following error:

%%126

 

Microsoft Office Sessions:

=========================

 

==================== Memory info ===========================

 

Percentage of memory in use: 16%

Total physical RAM: 8098.52 MB

Available physical RAM: 6758.95 MB

Total Pagefile: 16195.21 MB

Available Pagefile: 14763.73 MB

Total Virtual: 8192 MB

Available Virtual: 8191.83 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:914.76 GB) (Free:771.87 GB) NTFS

Drive d: (HP_RECOVERY) (Fixed) (Total:16.66 GB) (Free:2.05 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 3330C217)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=915 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0

Advertisements


#41
ridethewave

ridethewave

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 154 posts

FYI, in my Device Manager under Other devices, there are three "unknown devices"  that are without drivers.  I don't know if this means anything to you but I thought I would mention it.


  • 0

#42
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts

Thanks for the logs. I have some questions.

I see that you had Xfinity's Constant Guard Protection Suite on the system. Did you uninstall through the Control Panel's list of installed programs and then remove the remnants with Revo Uninstaller, or did you uninstall it using Revo?
Do you still have the Slim Cleaner program on the system?
Are you able to create a system restore point? If you can, please create one.
Did you ever run the Windows All-In- One tool in the other topic?
Please check in the list of installed programs in the Control Panel and see if there are any HP printer programs left to uninstall. the reason I say this is because the OTL log shows the J6400 program in the list of installed programs and that is the HP OfficeJet J6400 All-In-One series printer. There is also the 6400_Help program listed.
 


  • 0

#43
ridethewave

ridethewave

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 154 posts

I uninstalled through Consstant Guard program.  Then I reinstalled it and later uninstalled through Revo.  I no longer have Slim Cleaner or CCleaner.  I am unable to create a restore point but I noticed that Windows Update had installed a critical update on July 1,.   Windows All-In-One was used in the prior forum (Hardware, Components and Peipherals).  The programs that show up with the HP logo are:  HP Odometer, HP Support Information, HP Update, HP Vision Hardware Diagnostics, I.R.I.S. OCR, another one that I don't understand, Facebook with an HP identified as the Publisher.  The programs I listed are programs that I'm not sure if they are associated with the computer or the printer.  The J6400 is a printer I used prior to buying the J6700.  The J6400 is still being used by my wife.  None of those J6400 programs are listed anywhere on my computer.


Edited by ridethewave, 02 July 2014 - 06:18 PM.

  • 0

#44
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts

Thanks for the info. Constant Guard has left some remnants on the system. This may be what is interfering with System Restore and installing another antivirus product. But I have seen some reports where deleting one of the drivers causes the system to blue screen.

 

Is Comcast still your internet provider and do you still have the Constant Guard program if we need to reinstall it?

Which browser did you use to downlosd MSE?

 

Let's run a FRST fix and see if anything changes.

 

 

FRST Fix

Warning: This fix is relevant for this system and no other. If you are not this user, Do NOT follow these directions as they could damage the workings of your system.
 

  • Download the attached fixlist.txt file and save it to the same location the FRST64.exe file is in.
    NOTE: It's important that both files, FRST.exe / FRST64.exe and fixlist.txt are in the same location or the fix will not work.
  • Run FRST64 and press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
  • The Fixlog.txt file can also be found in the same location that the program was run from.

[attachment=71369:fixlist.txt]

 

Now see if you can install the MSE program.

 

Things For Your Next Post:
Please post the logs in the order requested. Please don't attach the logs unless I request it.

1. The Fixlog.txt log

2. Let me know what happened with installing MSE.


  • 0

#45
ridethewave

ridethewave

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 154 posts

Comcast is still my internet provider.  I do not have the Constant Guard nor did I ever want the program.  It came with the Norton Antivirus program as a package.  Even though it installed I never use it or activated it.

The browser I used to install was IE 11, which I would like to go back to using after we solve the problems I'm having now.

The MSE program installed and updated itself.

 

 

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-07-2014
Ran by Chris at 2014-07-03 09:28:20 Run:1
Running from C:\Users\Chris\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} URL =
2014-06-26 17:08 - 2012-04-09 18:35 - 00000000 ____D () C:\ProgramData\Norton
2014-06-05 14:38 - 2014-06-05 14:34 - 00000000 ____D () C:\ProgramData\SmartPCScan
2014-06-05 14:35 - 2014-06-05 14:35 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\QuickScan
C:\ProgramData\PKP_DLeo.DAT
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT
Task: {081D85C4-61D7-420F-82D1-36F3411B1D8F} - System32\Tasks\{B52BEB5C-2FC3-4B96-B4E0-5AE7CEBCC3B3} => C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
Task: {723332FF-5CD1-4121-AE6E-A7EB91D940E6} - System32\Tasks\SlimCleaner Run => C:\Program Files (x86)\SlimCleaner\SlimCleaner.exe
Task: {A1BB7784-E499-4A93-8074-11F260A77917} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
Task: {F3EF2F31-B355-4FBE-B8F0-E84F1CFED2A5} - \BrowserSafeguard Update Task No Task File <==== ATTENTION
reboot:
stop
*****************

'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}' => Key deleted successfully.
'HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2405}'=> Key not found.
C:\ProgramData\Norton => Moved successfully.
C:\ProgramData\SmartPCScan => Moved successfully.
C:\Users\Chris\AppData\Roaming\QuickScan => Moved successfully.
C:\ProgramData\PKP_DLeo.DAT => Moved successfully.
C:\ProgramData\PKP_DLes.DAT => Moved successfully.
C:\ProgramData\PKP_DLet.DAT => Moved successfully.
C:\ProgramData\PKP_DLev.DAT => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{081D85C4-61D7-420F-82D1-36F3411B1D8F}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{081D85C4-61D7-420F-82D1-36F3411B1D8F}' => Key deleted successfully.
C:\Windows\System32\Tasks\{B52BEB5C-2FC3-4B96-B4E0-5AE7CEBCC3B3} => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B52BEB5C-2FC3-4B96-B4E0-5AE7CEBCC3B3}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{723332FF-5CD1-4121-AE6E-A7EB91D940E6}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{723332FF-5CD1-4121-AE6E-A7EB91D940E6}' => Key deleted successfully.
C:\Windows\System32\Tasks\SlimCleaner Run => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SlimCleaner Run' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A1BB7784-E499-4A93-8074-11F260A77917}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1BB7784-E499-4A93-8074-11F260A77917}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BackgroundContainer Startup Task'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3EF2F31-B355-4FBE-B8F0-E84F1CFED2A5}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3EF2F31-B355-4FBE-B8F0-E84F1CFED2A5}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserSafeguard Update Task' => Key deleted successfully.

The system needed a reboot.

==== End of Fixlog ====


  • 0






Similar Topics


Also tagged with one or more of these keywords: HP printer, HP computer

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP