the post link is'nt working on my pc
heres the logs from my computer through my mom's pc.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:12-08-2014 01
Ran by Ffej (administrator) on JEFF on 12-08-2014 15:41:18
Running from C:\Users\Nat\Desktop
Platform: Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c09c50a2\AEstSrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Creative Technology Ltd.) C:\Windows\OEM02Mon.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(BitTorrent Inc.) C:\Users\Nat\AppData\Roaming\BitTorrent\BitTorrent.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winamp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-05-12] (Malwarebytes Corporation)
HKU\.DEFAULT\...\Run: [Advanced SystemCare 6] => "C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
HKU\.DEFAULT\...\RunOnce: [DeleteEngineAfterUpdate] => reg DELETE HKCU\Software\AppDataLow\Software\ConduitEngine /f
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3345878006-48315690-652183031-1000\...\Run: [BitTorrent] => C:\Users\Nat\AppData\Roaming\BitTorrent\BitTorrent.exe [1267032 2014-07-02] (BitTorrent Inc.)
HKU\S-1-5-21-3345878006-48315690-652183031-1002\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3345878006-48315690-652183031-1002\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[S4].txt [1987 2014-08-11] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
URLSearchHook: HKLM - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
URLSearchHook: HKLM - (No Name) - {c846d9b8-4cc6-491e-893f-7ee1d979afa3} - No File
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: No Name -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> No File
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler: linkscanner - No CLSID Value -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-05-07]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Ffej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-04]
CHR Extension: (Google Drive) - C:\Users\Ffej\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Ffej\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-06]
CHR Extension: (YouTube) - C:\Users\Ffej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-04]
CHR Extension: (Google Search) - C:\Users\Ffej\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-04]
CHR Extension: (Skype Click to Call) - C:\Users\Ffej\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-08-04]
CHR Extension: (Google Wallet) - C:\Users\Ffej\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-04]
CHR Extension: (Gmail) - C:\Users\Ffej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-04]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-11-22]
CHR HKLM\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\Nat\AppData\Local\Temp\crxCF13.tmp [2012-11-22]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c09c50a2\aestsrv.exe [73728 2007-09-20] (Andrea Electronics Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3290304 2012-11-22] (Skype Technologies S.A.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-03-04] (AVG Technologies)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [116320 2014-06-27] (Power Software Ltd)
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
S0 gqbhjg; No ImagePath
S0 hqmpym; No ImagePath
S0 hzgqpf; No ImagePath
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-12 15:41 - 2014-08-12 15:41 - 00010299 _____ () C:\Users\Nat\Desktop\FRST.txt
2014-08-12 15:37 - 2014-08-12 15:35 - 05185536 _____ (AVAST Software) C:\Users\Nat\Desktop\aswmbr.exe
2014-08-12 15:37 - 2014-08-12 15:11 - 01091584 _____ (Farbar) C:\Users\Nat\Desktop\FRST.exe
2014-08-12 15:33 - 2014-08-12 15:41 - 00000000 ____D () C:\FRST
2014-08-11 16:32 - 2014-08-11 16:30 - 28694720 _____ (Microsoft Corporation) C:\Users\Nat\Desktop\Windows-KB890830-V5.14.exe
2014-08-11 11:17 - 2014-08-11 11:17 - 00000000 ____D () C:\Users\Ffej\AppData\Local\Apps\2.0
2014-08-11 07:29 - 2014-08-11 07:29 - 00000680 _____ () C:\Users\Ffej\AppData\Local\d3d9caps.dat
2014-08-11 04:25 - 2014-08-11 12:27 - 00005676 _____ () C:\Windows\PFRO.log
2014-08-11 04:21 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-08-11 04:18 - 2014-08-11 04:19 - 01366203 _____ () C:\Users\Ffej\Downloads\adwcleaner_3.304.exe
2014-08-10 09:48 - 2014-08-10 09:50 - 06958304 _____ (Microsoft Corporation) C:\Users\Nat\Downloads\Silverlight.exe
2014-08-10 01:35 - 2014-08-11 12:27 - 00000000 ____D () C:\Users\Nat\Desktop\FREE TOOLS
2014-08-08 17:03 - 2014-08-08 17:03 - 00018172 _____ () C:\Users\Nat\Downloads\[kickass.to]cavalera.conspiracy.blunt.force.trauma.special.edition.2011.evil.torrent
2014-08-08 16:59 - 2014-08-08 16:59 - 00017816 _____ () C:\Users\Nat\Downloads\[kickass.to]nailbomb.discography.1994.1995.flac.torrent
2014-08-08 16:48 - 2014-08-08 16:48 - 00047268 _____ () C:\Users\Nat\Downloads\[kickass.to]soulfly.discography.1998.2013.discografía.1998.2013.torrent
2014-08-08 15:11 - 2014-08-08 15:11 - 00854410 _____ () C:\Users\Nat\Downloads\SecurityCheck.exe
2014-08-08 15:04 - 2014-08-08 15:04 - 00001074 _____ () C:\Users\Nat\Documents\olt commands for carolpc.txt
2014-08-07 01:59 - 2014-08-11 04:23 - 00000000 ____D () C:\AdwCleaner
2014-08-07 01:54 - 2014-08-07 01:54 - 00002053 _____ () C:\Users\Ffej\Documents\JRT.txt
2014-08-07 01:53 - 2014-08-07 01:53 - 00002053 _____ () C:\Users\Ffej\Desktop\JRT.txt
2014-08-07 01:48 - 2014-08-07 01:48 - 00000000 ____D () C:\Windows\ERUNT
2014-08-06 18:13 - 2014-08-06 18:13 - 00000000 ____D () C:\Users\Ffej\AppData\Roaming\Macromedia
2014-08-06 17:57 - 2014-08-06 17:57 - 00000000 ____D () C:\Users\Nat\AppData\Roaming\PowerISO
2014-08-06 17:55 - 2014-08-06 17:55 - 00000000 ____D () C:\Users\Ffej\AppData\Roaming\PowerISO
2014-08-06 17:52 - 2014-08-06 17:52 - 00018872 _____ () C:\Windows\system32\Drivers\SPPD.sys
2014-08-06 17:51 - 2014-08-06 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2014-08-06 17:51 - 2014-08-06 17:51 - 00000000 ____D () C:\Program Files\PowerISO
2014-08-06 17:48 - 2014-08-06 17:48 - 00699016 _____ (CNET Download.com) C:\Users\Nat\Downloads\cbsidlm-cbsi213-PowerISO-SEO-10439118.exe
2014-08-04 14:04 - 2014-08-04 14:04 - 01166232 _____ (Magical Jelly Bean ) C:\Users\Nat\Downloads\KeyFinderInstaller.exe
2014-08-04 05:33 - 2014-08-04 05:33 - 00000000 ____D () C:\Users\Ffej\AppData\Roaming\Adobe
2014-08-04 05:30 - 2014-08-04 05:37 - 00000000 ____D () C:\Users\Ffej\AppData\Roaming\Winamp
2014-08-04 05:20 - 2014-08-04 05:20 - 00061048 _____ () C:\Users\Ffej\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-04 05:19 - 2014-08-04 05:19 - 00000949 _____ () C:\Users\Ffej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-04 05:19 - 2014-08-04 05:19 - 00000944 _____ () C:\Users\Ffej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-08-04 05:19 - 2014-08-04 05:19 - 00000000 ____D () C:\Users\Ffej\AppData\Local\Google
2014-08-04 05:18 - 2014-08-04 05:19 - 00000000 ____D () C:\Users\Ffej
2014-08-04 05:18 - 2014-08-04 05:18 - 00000915 _____ () C:\Users\Ffej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-08-04 05:18 - 2014-08-04 05:18 - 00000020 ___SH () C:\Users\Ffej\ntuser.ini
2014-08-04 05:18 - 2014-08-04 05:18 - 00000000 ____D () C:\Users\Ffej\AppData\Local\VirtualStore
2014-08-04 05:18 - 2014-08-01 18:41 - 00000000 ____D () C:\Users\Ffej\AppData\Local\Microsoft Help
2014-08-04 05:18 - 2008-01-20 23:56 - 00000000 ___RD () C:\Users\Ffej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-04 05:18 - 2008-01-20 23:56 - 00000000 ___RD () C:\Users\Ffej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-04 04:29 - 2014-08-04 04:29 - 00001905 _____ () C:\Windows\diagwrn.xml
2014-08-04 04:29 - 2014-08-04 04:29 - 00001905 _____ () C:\Windows\diagerr.xml
2014-08-02 20:51 - 2014-08-02 20:51 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-08-01 18:41 - 2014-08-01 18:41 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-08-01 18:41 - 2014-08-01 18:41 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-08-01 12:37 - 2014-08-01 12:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-08-01 12:36 - 2009-02-27 03:42 - 00031640 _____ (Microsoft Corporation) C:\Windows\system32\msonpmon.dll
2014-08-01 12:35 - 2014-08-01 18:39 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-08-01 12:30 - 2014-08-02 20:57 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-01 12:30 - 2014-08-02 20:53 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-01 12:30 - 2014-08-01 12:31 - 00000000 ____D () C:\Windows\SHELLNEW
2014-08-01 12:30 - 2014-08-01 12:30 - 00000000 ____D () C:\Users\Nat\AppData\Local\Microsoft Help
2014-08-01 12:29 - 2014-08-01 12:29 - 00000000 __RHD () C:\MSOCache
2014-07-26 15:13 - 2014-07-26 15:13 - 00000000 ____D () C:\Users\Nat\AppData\Local\{1565618D-E4E4-433E-9CC2-DCA980378EC2}
2014-07-26 08:56 - 2014-07-26 08:56 - 00000000 ____D () C:\Program Files\SigmaTel
2014-07-26 08:56 - 2008-02-15 18:27 - 00330752 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt.sys
2014-07-26 08:56 - 2008-02-15 18:24 - 00150016 _____ (IDT, Inc.) C:\Windows\system32\st325866.dll
2014-07-26 08:56 - 2007-03-05 14:05 - 00492544 _____ (Creative Technology Ltd.) C:\Windows\system32\ctapo32.dll
2014-07-26 08:56 - 2007-03-05 14:05 - 00045568 _____ (Creative Technology Ltd) C:\Windows\system32\ctppld.dll
2014-07-26 08:51 - 2014-07-26 08:55 - 09127120 _____ () C:\Users\Nat\Downloads\R218148.exe
2014-07-26 07:59 - 2012-03-08 18:32 - 00039272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fssfltr.sys
2014-07-26 07:39 - 2014-07-26 07:59 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-07-26 07:38 - 2014-07-26 07:39 - 00001158 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2014-07-26 07:22 - 2014-07-26 07:22 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-07-26 07:21 - 2014-07-26 07:22 - 00001037 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-07-26 07:21 - 2014-07-26 07:21 - 00002025 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-07-26 07:20 - 2014-07-26 07:20 - 00000000 ____D () C:\Windows\PCHEALTH
2014-07-26 03:06 - 2014-07-26 03:06 - 00000000 ____D () C:\Users\Nat\AppData\Roaming\PeerNetworking
2014-07-26 01:08 - 2014-07-26 01:08 - 03007700 _____ () C:\Users\Nat\Downloads\revouninstaller (1).zip
2014-07-26 00:58 - 2014-07-26 00:58 - 00000820 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2014-07-26 00:57 - 2014-07-26 00:58 - 00000000 ____D () C:\Program Files\WinRAR
2014-07-26 00:51 - 2014-07-26 00:51 - 01742864 _____ () C:\Users\Nat\Downloads\wrar510.exe
2014-07-26 00:46 - 2014-07-26 00:46 - 03007700 _____ () C:\Users\Nat\Downloads\revouninstaller.zip
2014-07-25 21:26 - 2014-07-26 15:13 - 00000000 ____D () C:\Users\Nat\AppData\Local\Windows Live Writer
2014-07-25 21:26 - 2014-07-25 21:27 - 00000000 ____D () C:\Users\Nat\AppData\Local\{E6488CBE-99E6-4EDD-9297-4F24E9CA954D}
2014-07-25 21:26 - 2014-07-25 21:26 - 00000000 ____D () C:\Users\Nat\Documents\My Weblog Posts
2014-07-25 21:26 - 2014-07-25 21:26 - 00000000 ____D () C:\Users\Nat\AppData\Roaming\Windows Live Writer
2014-07-24 08:54 - 2014-07-24 08:57 - 00788436 _____ () C:\Users\Nat\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_en-US.exe
2014-07-24 02:09 - 2014-07-24 02:09 - 00027242 _____ () C:\Users\Nat\Downloads\[kickass.to]pestilence.discography.full.torrent
2014-07-24 00:14 - 2014-07-24 01:12 - 22565576 _____ () C:\Users\Nat\Downloads\R173590.exe
2014-07-23 00:45 - 2014-08-11 05:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safer Networking
2014-07-23 00:45 - 2014-07-23 00:45 - 00000000 ____D () C:\Program Files\Safer Networking
2014-07-18 20:12 - 2014-07-18 20:12 - 00039128 _____ () C:\Users\Nat\Documents\cc_20140718_201201.reg
2014-07-18 19:56 - 2014-07-18 19:57 - 01432904 _____ (Yahoo! Inc.) C:\Users\Nat\Downloads\ytb_7.0.5.0_1.4.0_cnetl_uber_setup_.exe
2014-07-18 17:06 - 2014-07-18 17:06 - 00000000 ____D () C:\Users\Jeff
2014-07-18 16:28 - 2014-07-18 16:28 - 00027742 _____ () C:\Users\Nat\Downloads\Result.txt
2014-07-13 03:51 - 2014-07-13 03:51 - 00000000 ____D () C:\ProgramData\WindowsSearch
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-12 15:41 - 2014-08-12 15:41 - 00010299 _____ () C:\Users\Nat\Desktop\FRST.txt
2014-08-12 15:41 - 2014-08-12 15:33 - 00000000 ____D () C:\FRST
2014-08-12 15:35 - 2014-08-12 15:37 - 05185536 _____ (AVAST Software) C:\Users\Nat\Desktop\aswmbr.exe
2014-08-12 15:30 - 2012-09-11 16:46 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-12 15:18 - 2012-05-02 12:36 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-12 15:13 - 2006-11-02 09:45 - 00003840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-12 15:13 - 2006-11-02 09:45 - 00003840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-12 15:11 - 2014-08-12 15:37 - 01091584 _____ (Farbar) C:\Users\Nat\Desktop\FRST.exe
2014-08-12 13:35 - 2008-01-20 22:38 - 02026918 _____ () C:\Windows\WindowsUpdate.log
2014-08-11 22:30 - 2012-09-11 16:46 - 00000876 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-11 16:30 - 2014-08-11 16:32 - 28694720 _____ (Microsoft Corporation) C:\Users\Nat\Desktop\Windows-KB890830-V5.14.exe
2014-08-11 13:25 - 2014-04-17 21:14 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-11 13:13 - 2006-11-02 09:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-11 13:12 - 2006-11-02 09:58 - 00032582 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-11 12:49 - 2011-08-04 13:23 - 00000000 ____D () C:\Users\Nat\AppData\Roaming\BitTorrent
2014-08-11 12:27 - 2014-08-11 04:25 - 00005676 _____ () C:\Windows\PFRO.log
2014-08-11 12:27 - 2014-08-10 01:35 - 00000000 ____D () C:\Users\Nat\Desktop\FREE TOOLS
2014-08-11 12:27 - 2006-11-02 09:44 - 00273368 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-11 11:17 - 2014-08-11 11:17 - 00000000 ____D () C:\Users\Ffej\AppData\Local\Apps\2.0
2014-08-11 07:29 - 2014-08-11 07:29 - 00000680 _____ () C:\Users\Ffej\AppData\Local\d3d9caps.dat
2014-08-11 05:34 - 2014-07-23 00:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safer Networking
2014-08-11 04:25 - 2006-11-02 08:18 - 00000000 ____D () C:\Windows\security
2014-08-11 04:23 - 2014-08-07 01:59 - 00000000 ____D () C:\AdwCleaner
2014-08-11 04:19 - 2014-08-11 04:18 - 01366203 _____ () C:\Users\Ffej\Downloads\adwcleaner_3.304.exe
2014-08-10 09:50 - 2014-08-10 09:48 - 06958304 _____ (Microsoft Corporation) C:\Users\Nat\Downloads\Silverlight.exe
2014-08-08 17:03 - 2014-08-08 17:03 - 00018172 _____ () C:\Users\Nat\Downloads\[kickass.to]cavalera.conspiracy.blunt.force.trauma.special.edition.2011.evil.torrent
2014-08-08 16:59 - 2014-08-08 16:59 - 00017816 _____ () C:\Users\Nat\Downloads\[kickass.to]nailbomb.discography.1994.1995.flac.torrent
2014-08-08 16:48 - 2014-08-08 16:48 - 00047268 _____ () C:\Users\Nat\Downloads\[kickass.to]soulfly.discography.1998.2013.discografía.1998.2013.torrent
2014-08-08 15:11 - 2014-08-08 15:11 - 00854410 _____ () C:\Users\Nat\Downloads\SecurityCheck.exe
2014-08-08 15:04 - 2014-08-08 15:04 - 00001074 _____ () C:\Users\Nat\Documents\olt commands for carolpc.txt
2014-08-07 01:54 - 2014-08-07 01:54 - 00002053 _____ () C:\Users\Ffej\Documents\JRT.txt
2014-08-07 01:53 - 2014-08-07 01:53 - 00002053 _____ () C:\Users\Ffej\Desktop\JRT.txt
2014-08-07 01:48 - 2014-08-07 01:48 - 00000000 ____D () C:\Windows\ERUNT
2014-08-06 18:24 - 2011-10-09 14:12 - 00000000 ____D () C:\Windows\Minidump
2014-08-06 18:13 - 2014-08-06 18:13 - 00000000 ____D () C:\Users\Ffej\AppData\Roaming\Macromedia
2014-08-06 17:57 - 2014-08-06 17:57 - 00000000 ____D () C:\Users\Nat\AppData\Roaming\PowerISO
2014-08-06 17:55 - 2014-08-06 17:55 - 00000000 ____D () C:\Users\Ffej\AppData\Roaming\PowerISO
2014-08-06 17:52 - 2014-08-06 17:52 - 00018872 _____ () C:\Windows\system32\Drivers\SPPD.sys
2014-08-06 17:51 - 2014-08-06 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2014-08-06 17:51 - 2014-08-06 17:51 - 00000000 ____D () C:\Program Files\PowerISO
2014-08-06 17:48 - 2014-08-06 17:48 - 00699016 _____ (CNET Download.com) C:\Users\Nat\Downloads\cbsidlm-cbsi213-PowerISO-SEO-10439118.exe
2014-08-04 14:04 - 2014-08-04 14:04 - 01166232 _____ (Magical Jelly Bean ) C:\Users\Nat\Downloads\KeyFinderInstaller.exe
2014-08-04 05:37 - 2014-08-04 05:30 - 00000000 ____D () C:\Users\Ffej\AppData\Roaming\Winamp
2014-08-04 05:33 - 2014-08-04 05:33 - 00000000 ____D () C:\Users\Ffej\AppData\Roaming\Adobe
2014-08-04 05:20 - 2014-08-04 05:20 - 00061048 _____ () C:\Users\Ffej\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-04 05:19 - 2014-08-04 05:19 - 00000949 _____ () C:\Users\Ffej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-04 05:19 - 2014-08-04 05:19 - 00000944 _____ () C:\Users\Ffej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-08-04 05:19 - 2014-08-04 05:19 - 00000000 ____D () C:\Users\Ffej\AppData\Local\Google
2014-08-04 05:19 - 2014-08-04 05:18 - 00000000 ____D () C:\Users\Ffej
2014-08-04 05:18 - 2014-08-04 05:18 - 00000915 _____ () C:\Users\Ffej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-08-04 05:18 - 2014-08-04 05:18 - 00000020 ___SH () C:\Users\Ffej\ntuser.ini
2014-08-04 05:18 - 2014-08-04 05:18 - 00000000 ____D () C:\Users\Ffej\AppData\Local\VirtualStore
2014-08-04 04:29 - 2014-08-04 04:29 - 00001905 _____ () C:\Windows\diagwrn.xml
2014-08-04 04:29 - 2014-08-04 04:29 - 00001905 _____ () C:\Windows\diagerr.xml
2014-08-02 20:57 - 2014-08-01 12:30 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-02 20:53 - 2014-08-01 12:30 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-08-02 20:51 - 2014-08-02 20:51 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-08-02 15:09 - 2011-08-13 13:08 - 00000000 ____D () C:\Users\Nat\AppData\Roaming\Media Player Classic
2014-08-01 21:16 - 2010-11-12 22:02 - 00061048 _____ () C:\Users\Nat\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-01 18:41 - 2014-08-04 05:18 - 00000000 ____D () C:\Users\Ffej\AppData\Local\Microsoft Help
2014-08-01 18:41 - 2014-08-01 18:41 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-08-01 18:41 - 2014-08-01 18:41 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-08-01 18:39 - 2014-08-01 12:35 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-08-01 18:39 - 2006-11-02 08:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-08-01 12:37 - 2014-08-01 12:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-08-01 12:33 - 2011-05-08 00:51 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-08-01 12:31 - 2014-08-01 12:30 - 00000000 ____D () C:\Windows\SHELLNEW
2014-08-01 12:30 - 2014-08-01 12:30 - 00000000 ____D () C:\Users\Nat\AppData\Local\Microsoft Help
2014-08-01 12:29 - 2014-08-01 12:29 - 00000000 __RHD () C:\MSOCache
2014-07-29 19:32 - 2011-08-25 12:20 - 00000000 ____D () C:\Users\Nat\AppData\Local\Microsoft Games
2014-07-28 21:39 - 2010-11-12 22:01 - 00000680 _____ () C:\Users\Nat\AppData\Local\d3d9caps.dat
2014-07-26 16:38 - 2011-07-08 21:24 - 00000000 ____D () C:\Users\Nat\AppData\Local\Windows Live
2014-07-26 15:13 - 2014-07-26 15:13 - 00000000 ____D () C:\Users\Nat\AppData\Local\{1565618D-E4E4-433E-9CC2-DCA980378EC2}
2014-07-26 15:13 - 2014-07-25 21:26 - 00000000 ____D () C:\Users\Nat\AppData\Local\Windows Live Writer
2014-07-26 11:11 - 2006-11-02 08:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-07-26 08:57 - 2010-11-12 22:01 - 00000000 ____D () C:\Users\Nat
2014-07-26 08:56 - 2014-07-26 08:56 - 00000000 ____D () C:\Program Files\SigmaTel
2014-07-26 08:56 - 2010-11-12 22:50 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-26 08:55 - 2014-07-26 08:51 - 09127120 _____ () C:\Users\Nat\Downloads\R218148.exe
2014-07-26 08:00 - 2011-08-26 15:06 - 00000000 ____D () C:\Program Files\Windows Live
2014-07-26 07:59 - 2014-07-26 07:39 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-07-26 07:39 - 2014-07-26 07:38 - 00001158 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2014-07-26 07:34 - 2011-08-26 15:10 - 00001227 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2014-07-26 07:22 - 2014-07-26 07:22 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-07-26 07:22 - 2014-07-26 07:21 - 00001037 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-07-26 07:21 - 2014-07-26 07:21 - 00002025 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-07-26 07:20 - 2014-07-26 07:20 - 00000000 ____D () C:\Windows\PCHEALTH
2014-07-26 03:06 - 2014-07-26 03:06 - 00000000 ____D () C:\Users\Nat\AppData\Roaming\PeerNetworking
2014-07-26 01:08 - 2014-07-26 01:08 - 03007700 _____ () C:\Users\Nat\Downloads\revouninstaller (1).zip
2014-07-26 00:58 - 2014-07-26 00:58 - 00000820 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2014-07-26 00:58 - 2014-07-26 00:57 - 00000000 ____D () C:\Program Files\WinRAR
2014-07-26 00:51 - 2014-07-26 00:51 - 01742864 _____ () C:\Users\Nat\Downloads\wrar510.exe
2014-07-26 00:46 - 2014-07-26 00:46 - 03007700 _____ () C:\Users\Nat\Downloads\revouninstaller.zip
2014-07-25 21:27 - 2014-07-25 21:26 - 00000000 ____D () C:\Users\Nat\AppData\Local\{E6488CBE-99E6-4EDD-9297-4F24E9CA954D}
2014-07-25 21:26 - 2014-07-25 21:26 - 00000000 ____D () C:\Users\Nat\Documents\My Weblog Posts
2014-07-25 21:26 - 2014-07-25 21:26 - 00000000 ____D () C:\Users\Nat\AppData\Roaming\Windows Live Writer
2014-07-25 13:18 - 2011-03-20 13:41 - 00000000 ____D () C:\Extras
2014-07-24 08:57 - 2014-07-24 08:54 - 00788436 _____ () C:\Users\Nat\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_en-US.exe
2014-07-24 02:24 - 2011-09-29 19:31 - 00000000 ____D () C:\Users\Nat\AppData\Roaming\Vso
2014-07-24 02:09 - 2014-07-24 02:09 - 00027242 _____ () C:\Users\Nat\Downloads\[kickass.to]pestilence.discography.full.torrent
2014-07-24 01:12 - 2014-07-24 00:14 - 22565576 _____ () C:\Users\Nat\Downloads\R173590.exe
2014-07-23 00:45 - 2014-07-23 00:45 - 00000000 ____D () C:\Program Files\Safer Networking
2014-07-23 00:41 - 2011-09-29 19:33 - 00000668 _____ () C:\Users\Nat\AppData\Roaming\vso_ts_preview.xml
2014-07-23 00:41 - 2006-11-02 08:18 - 00000000 ___RD () C:\Users\Public
2014-07-23 00:37 - 2006-11-02 08:18 - 00000000 ____D () C:\Windows\Branding
2014-07-21 21:15 - 2006-11-02 07:33 - 00759582 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-18 20:12 - 2014-07-18 20:12 - 00039128 _____ () C:\Users\Nat\Documents\cc_20140718_201201.reg
2014-07-18 19:57 - 2014-07-18 19:56 - 01432904 _____ (Yahoo! Inc.) C:\Users\Nat\Downloads\ytb_7.0.5.0_1.4.0_cnetl_uber_setup_.exe
2014-07-18 17:06 - 2014-07-18 17:06 - 00000000 ____D () C:\Users\Jeff
2014-07-18 16:28 - 2014-07-18 16:28 - 00027742 _____ () C:\Users\Nat\Downloads\Result.txt
2014-07-16 20:50 - 2012-09-11 16:47 - 00001975 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-13 03:51 - 2014-07-13 03:51 - 00000000 ____D () C:\ProgramData\WindowsSearch
Some content of TEMP:
====================
C:\Users\Ffej\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-12 13:27
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version:12-08-2014 01
Ran by Ffej at 2014-08-12 15:42:08
Running from C:\Users\Nat\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
AGON (HKLM\...\AGON_CD) (Version: - )
Ashampoo Burning Studio 10.0.1 (HKLM\...\Ashampoo Burning Studio 10_is1) (Version: 10.0.1 - ashampoo GmbH & Co. KG)
Bing Bar (HKLM\...\{449CE12D-E2C7-4B97-B19E-55D163EA9435}) (Version: 7.0.619.0 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{BF53252E-4AB2-4C7F-A0FD-6100755745E3}) (Version: 2.0.26 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{76F9CF97-FC4B-4E20-B363-D127C888448F}) (Version: 1.0.11 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{4E5386F5-C0F6-4532-A54A-374865AEAB71}) (Version: 1.0.12 - Cisco Systems, Inc.)
Conexant HDA D330 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F) (Version: - )
ConvertXtoDVD 3.0.0.9 (HKLM\...\{76C24F39-B161-498F-BD8B-C64789812D13}_is1) (Version: 3.0.0.9 - )
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Resource CD (HKLM\...\{42929F0F-CE14-47AF-9FC7-FF297A603021}) (Version: 1.00.0000 - Dell Inc.)
Dell Wireless WLAN Card (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.170.25.12 - Dell Inc.)
Go PDF Reader (HKLM\...\GoPDFReader) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 7.0.0 (Standard) (HKLM\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
Laptop Integrated Webcam Driver (1.04.01.1011) (HKLM\...\Creative OEM002) (Version: - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM\...\{C950420B-4182-49EA-850A-A6A2ABF06C6B}) (Version: 10.22.6.3 - Marvell)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
PowerISO (HKLM\...\PowerISO) (Version: 6.0 - Power Software Ltd)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.51.01 - )
RunAlyzer (HKLM\...\{A5181519-9F3D-4372-ABC6-C333C2F3A816}_is1) (Version: 1.6.0.21 - Safer Networking Limited)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5210.0 - SigmaTel)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.4.11328 - Skype Technologies S.A.)
Skype™ 6.1 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.1.129 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
Video DVD Maker v3.32.0.80 (HKLM\...\{1A3E23D7-7A1E-43EC-B35D-EB2A31BED943}) (Version: - )
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Winamp (HKLM\...\Winamp) (Version: 5.621 - Nullsoft, Inc)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4040.0 - Microsoft Corporation)
WinRAR 5.10 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3345878006-48315690-652183031-1000_Classes\CLSID\{20DD1B9E-87C4-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\MSCOMCT2.OCX (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3345878006-48315690-652183031-1000_Classes\CLSID\{232E456A-87C3-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\MSCOMCT2.OCX (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3345878006-48315690-652183031-1000_Classes\CLSID\{38911D8E-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-3345878006-48315690-652183031-1000_Classes\CLSID\{38911D90-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-3345878006-48315690-652183031-1000_Classes\CLSID\{38911D92-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-3345878006-48315690-652183031-1000_Classes\CLSID\{603C7E80-87C2-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\MSCOMCT2.OCX (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3345878006-48315690-652183031-1000_Classes\CLSID\{B09DE715-87C1-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\MSCOMCT2.OCX (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3345878006-48315690-652183031-1000_Classes\CLSID\{FE38753A-44A3-11D1-B5B7-0000C09000C4}\InprocServer32 -> C:\Windows\system32\MSCOMCT2.OCX (Microsoft Corporation)
==================== Restore Points =========================
04-08-2014 11:15:06 Scheduled Checkpoint
05-08-2014 11:14:48 Scheduled Checkpoint
06-08-2014 11:09:26 Scheduled Checkpoint
06-08-2014 20:52:38 Uniblue SpeedUpMyPC installation
06-08-2014 21:11:25 RegClean Pro Wed, Aug 06, 14 18:11
06-08-2014 22:52:41 Windows Update
08-08-2014 00:36:48 Scheduled Checkpoint
09-08-2014 03:12:51 Scheduled Checkpoint
09-08-2014 23:59:31 Windows Update
10-08-2014 12:45:44 Removed Microsoft Silverlight
11-08-2014 07:40:58 Windows Backup
11-08-2014 19:57:36 Removed Microsoft Silverlight
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 07:23 - 2006-09-18 18:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {18DFD9FC-082E-4E9B-8285-5F21D2B4EDAE} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {555B7567-2D59-47C1-A5FB-11A36915DD06} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {5916F864-469C-4391-8604-E4EA141A2699} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: {64EA20CF-8DF7-48DA-BE56-FEBE4EDED69D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-11] (Google Inc.)
Task: {6A7193D8-5911-457A-AC56-A5D431D57937} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {7C0F8A2D-04D7-4AE4-A1F7-98063E2F548C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {7C5A51E8-1AD7-48C6-8879-257A8A9609F5} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {8B0E6FAB-F43A-4988-AF0A-A21646C212F0} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {9ED703A9-5FFD-40D5-895A-4385EE1509DE} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {CB7E27D4-9166-4347-9B09-8225EDF4F3FA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {D19A5D9D-EC9F-425B-8A26-EDB7E6AD5D29} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-11] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-07-11 18:48 - 2011-08-04 14:42 - 00410624 _____ () C:\Program Files\Winamp\nsutil.dll
2011-07-11 18:48 - 2011-08-04 14:42 - 00078848 _____ () C:\Program Files\Winamp\nde.dll
2011-07-11 18:48 - 2011-08-04 14:43 - 00023040 _____ () C:\Program Files\Winamp\System\albumart.w5s
2011-07-11 18:48 - 2011-08-04 14:43 - 00174080 _____ () C:\Program Files\Winamp\System\auth.w5s
2011-07-11 18:48 - 2011-08-04 14:43 - 00019456 _____ () C:\Program Files\Winamp\System\bmp.w5s
2011-07-11 18:48 - 2011-08-04 14:43 - 00047616 _____ () C:\Program Files\Winamp\zlib.dll
2011-07-11 18:48 - 2011-08-04 14:43 - 00044544 _____ () C:\Program Files\Winamp\System\devices.w5s
2011-07-11 18:48 - 2011-08-04 14:43 - 00016896 _____ () C:\Program Files\Winamp\System\dlmgr.w5s
2011-07-11 18:48 - 2011-08-04 14:43 - 00014336 _____ () C:\Program Files\Winamp\System\filereader.w5s
2011-07-11 18:48 - 2011-08-04 14:43 - 00019456 _____ () C:\Program Files\Winamp\System\gif.w5s
2011-07-11 18:48 - 2011-08-04 14:43 - 00016384 _____ () C:\Program Files\Winamp\System\gracenote.w5s
2011-07-11 18:48 - 2011-08-04 14:43 - 00623616 _____ () C:\Program Files\Winamp\System\jnetlib.w5s
2011-07-11 18:48 - 2011-08-04 14:43 - 00154624 _____ () C:\Program Files\Winamp\System\jpeg.w5s
2011-07-11 18:48 - 2011-08-04 14:43 - 00084480 _____ () C:\Program Files\Winamp\System\playlist.w5s
2011-07-11 18:48 - 2011-08-04 14:43 - 00103936 _____ () C:\Program Files\Winamp\System\png.w5s
2011-07-11 18:48 - 2011-08-04 14:43 - 00013824 _____ () C:\Program Files\Winamp\System\primo.w5s
2011-07-11 18:48 - 2011-08-04 14:43 - 00021504 _____ () C:\Program Files\Winamp\System\tagz.w5s
2011-07-11 18:48 - 2011-08-04 14:43 - 00035328 _____ () C:\Program Files\Winamp\System\timer.w5s
2011-07-11 18:48 - 2011-08-04 14:43 - 00090112 _____ () C:\Program Files\Winamp\System\xml.w5s
2011-07-11 18:48 - 2011-08-04 14:42 - 00102400 _____ () C:\Program Files\Winamp\Plugins\in_cdda.dll
2011-07-11 18:48 - 2011-08-04 14:42 - 00060928 _____ () C:\Program Files\Winamp\Plugins\in_flac.dll
2011-07-11 18:48 - 2011-08-04 14:42 - 00007168 _____ () C:\Program Files\Winamp\Plugins\in_linein.dll
2011-07-11 18:48 - 2011-08-04 14:42 - 00109568 _____ () C:\Program Files\Winamp\Plugins\in_midi.dll
2011-07-11 18:48 - 2011-08-04 14:42 - 00165376 _____ () C:\Program Files\Winamp\Plugins\in_mod.dll
2011-07-11 18:48 - 2011-08-04 14:42 - 00285696 _____ () C:\Program Files\Winamp\Plugins\in_mp3.dll
2011-07-11 18:48 - 2011-08-04 14:42 - 00050688 _____ () C:\Program Files\Winamp\Plugins\in_mp4.dll
2011-07-11 18:48 - 2011-08-04 14:42 - 00252416 _____ () C:\Program Files\Winamp\Plugins\in_vorbis.dll
2011-07-11 18:48 - 2011-08-04 14:42 - 00016896 _____ () C:\Program Files\Winamp\Plugins\in_wave.dll
2011-07-11 18:48 - 2011-08-04 14:42 - 00253440 _____ () C:\Program Files\Winamp\libsndfile.dll
2011-07-11 18:48 - 2011-08-04 14:42 - 00313344 _____ () C:\Program Files\Winamp\Plugins\in_wm.dll
2011-07-11 18:48 - 2011-08-04 14:43 - 00022528 _____ () C:\Program Files\Winamp\Plugins\out_disk.dll
2011-07-11 18:48 - 2011-08-04 14:43 - 00052224 _____ () C:\Program Files\Winamp\Plugins\out_ds.dll
2011-07-11 18:48 - 2011-08-04 14:43 - 00018432 _____ () C:\Program Files\Winamp\Plugins\out_wave.dll
2011-07-11 18:48 - 2011-08-04 14:42 - 01737728 _____ () C:\Program Files\Winamp\Plugins\gen_ff.dll
2011-07-11 18:48 - 2011-08-04 14:43 - 00083968 _____ () C:\Program Files\Winamp\tataki.dll
2011-07-11 18:48 - 2011-08-04 14:42 - 00027648 _____ () C:\Program Files\Winamp\Plugins\gen_hotkeys.dll
2010-11-10 14:29 - 2011-08-04 14:42 - 00183808 _____ () C:\Program Files\Winamp\Plugins\gen_jumpex.dll
2011-07-11 18:48 - 2011-08-04 14:42 - 00312832 _____ () C:\Program Files\Winamp\Plugins\gen_ml.dll
2011-07-11 18:48 - 2011-08-04 14:43 - 00293376 _____ () C:\Program Files\Winamp\Plugins\ml_local.dll
2011-07-11 18:48 - 2011-08-04 14:43 - 00082944 _____ () C:\Program Files\Winamp\Plugins\ml_playlists.dll
2011-07-11 18:48 - 2011-08-04 14:43 - 00124928 _____ () C:\Program Files\Winamp\Plugins\ml_online.dll
2011-07-11 18:48 - 2011-08-04 14:43 - 00249856 _____ () C:\Program Files\Winamp\Plugins\ml_devices.dll
2011-07-11 18:48 - 2011-08-04 14:43 - 00200192 _____ () C:\Program Files\Winamp\Plugins\ml_disc.dll
2011-07-11 18:48 - 2011-08-04 14:43 - 00240640 _____ () C:\Program Files\Winamp\Plugins\ml_pmp.dll
2011-07-11 18:48 - 2011-08-04 14:43 - 00060928 _____ () C:\Program Files\Winamp\Plugins\pmp_android.dll
2011-07-11 18:48 - 2011-08-04 14:43 - 00170496 _____ () C:\Program Files\Winamp\Plugins\pmp_ipod.dll
2011-07-11 18:48 - 2011-08-04 14:43 - 00020480 _____ () C:\Program Files\Winamp\Plugins\pmp_njb.dll
2011-07-11 18:48 - 2011-08-04 14:43 - 00118272 _____ () C:\Program Files\Winamp\Plugins\pmp_p4s.dll
2011-07-11 18:48 - 2011-08-04 14:43 - 00053760 _____ () C:\Program Files\Winamp\Plugins\pmp_usb.dll
2011-07-11 18:48 - 2011-08-04 14:43 - 00113152 _____ () C:\Program Files\Winamp\Plugins\pmp_wifi.dll
2011-07-11 18:48 - 2011-08-04 14:43 - 00027648 _____ () C:\Program Files\Winamp\Plugins\ml_bookmarks.dll
2011-07-11 18:48 - 2011-08-04 14:43 - 00052224 _____ () C:\Program Files\Winamp\Plugins\ml_history.dll
2011-07-11 18:48 - 2011-08-04 14:43 - 00028672 _____ () C:\Program Files\Winamp\Plugins\ml_autotag.dll
2011-07-11 18:48 - 2011-08-04 14:43 - 00057344 _____ () C:\Program Files\Winamp\Plugins\ml_impex.dll
2011-07-11 18:48 - 2011-08-04 14:43 - 00083456 _____ () C:\Program Files\Winamp\Plugins\ml_plg.dll
2011-07-11 18:48 - 2011-08-04 14:43 - 00033792 _____ () C:\Program Files\Winamp\Plugins\ml_rg.dll
2011-07-11 18:48 - 2011-08-04 14:43 - 00031744 _____ () C:\Program Files\Winamp\Plugins\ml_transcode.dll
2011-07-11 18:48 - 2011-08-04 14:42 - 00057344 _____ () C:\Program Files\Winamp\Plugins\gen_orgler.dll
2011-07-11 18:48 - 2011-08-04 14:42 - 00025600 _____ () C:\Program Files\Winamp\Plugins\gen_tray.dll
2014-07-16 20:50 - 2014-07-15 06:24 - 08537928 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-16 20:50 - 2014-07-15 06:24 - 00353096 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-16 20:50 - 2014-07-15 06:24 - 01732936 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\Users\Nat\Downloads\this might be interesting to you. (1).eml:OECustomProperty
AlternateDataStreams: C:\Users\Nat\Downloads\this might be interesting to you..eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: YahooAUService => 2
MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\Windows\system32\WLTRAY.exe
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: msnmsgr =>
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: SpUninstallCleanUp => REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f
MSCONFIG\startupreg: SSDMonitor => C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
MSCONFIG\startupreg: WinampAgent => "C:\Program Files\Winamp\winampa.exe"
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/12/2014 11:51:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application winamp.exe, version 5.6.2.3173, time stamp 0x4e1b6f92, faulting module MSVCR90.dll, version 9.0.30729.1, time stamp 0x488ef6c5, exception code 0xc0000417, fault offset 0x0002f93e,
process id 0xa70, application start time 0xwinamp.exe0.
Error: (08/11/2014 09:07:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application winamp.exe, version 5.6.2.3173, time stamp 0x4e1b6f92, faulting module MSVCR90.dll, version 9.0.30729.1, time stamp 0x488ef6c5, exception code 0xc0000417, fault offset 0x0002f93e,
process id 0xe04, application start time 0xwinamp.exe0.
Error: (08/11/2014 01:20:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application winamp.exe, version 5.6.2.3173, time stamp 0x4e1b6f92, faulting module MSVCR90.dll, version 9.0.30729.1, time stamp 0x488ef6c5, exception code 0xc0000417, fault offset 0x0002f93e,
process id 0xfc, application start time 0xwinamp.exe0.
Error: (08/11/2014 01:17:43 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.manifest.
Error: (08/11/2014 01:14:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/11/2014 01:12:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application winamp.exe, version 5.6.2.3173, time stamp 0x4e1b6f92, faulting module MSVCR90.dll, version 9.0.30729.1, time stamp 0x488ef6c5, exception code 0xc0000417, fault offset 0x0002f93e,
process id 0xfac, application start time 0xwinamp.exe0.
Error: (08/11/2014 00:38:43 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.manifest.
Error: (08/11/2014 00:28:42 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.manifest.
Error: (08/11/2014 00:28:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/11/2014 09:22:15 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.manifest.
System errors:
=============
Error: (08/11/2014 01:14:57 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: gqbhjg
hqmpym
hzgqpf
Error: (08/11/2014 01:14:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (08/11/2014 00:28:24 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: gqbhjg
hqmpym
hzgqpf
Error: (08/11/2014 00:28:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (08/11/2014 11:02:18 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: The IP address lease 192.168.2.12 for the Network Card with network address 001FE1C313A4 has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).
Error: (08/11/2014 08:27:01 AM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.
Feature: %%834
Error Code: 0x80004005
Error description: Unspecified error
Reason: %%838
Error: (08/11/2014 08:08:12 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update
Error: (08/11/2014 08:08:11 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: TPM Base Services
Error: (08/11/2014 08:08:11 AM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.
Feature: %%834
Error Code: 0x80004005
Error description: Unspecified error
Reason: %%838
Error: (08/11/2014 08:02:16 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: KtmRm for Distributed Transaction Coordinator
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-08-11 15:33:01.360
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-08-11 15:33:00.841
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-08-11 15:33:00.287
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-08-11 15:32:59.764
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-08-11 15:32:59.083
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-08-11 15:32:58.547
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-08-11 15:32:58.005
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-08-11 15:32:57.483
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22665_none_b36bda857faff8dc\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-08-11 15:32:56.908
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-08-11 15:32:56.380
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Percentage of memory in use: 55%
Total physical RAM: 2037.31 MB
Available physical RAM: 914.08 MB
Total Pagefile: 4371.94 MB
Available Pagefile: 2983.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1928.27 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:136.74 GB) (Free:84.35 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive h: (Seagate Backup Plus Drive) (Fixed) (Total:931.51 GB) (Free:598.99 GB) NTFS
Drive i: (My Passport) (Fixed) (Total:931.48 GB) (Free:194.53 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 00000080)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=06)
Partition 3: (Active) - (Size=137 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=06)
========================================================
Disk: 1 (Size: 932 GB) (Disk ID: B93FCA86)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 931 GB) (Disk ID: 00023F15)
Partition 1: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
==================== End Of Log ============================
aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-08-12 16:57:33
-----------------------------
16:57:33.847 OS Version: Windows 6.0.6002 Service Pack 2
16:57:33.847 Number of processors: 2 586 0xF0D
16:57:33.847 ComputerName: JEFF UserName: Ffej
16:57:55.718 Initialize success
16:57:55.812 VM: initialized successfully
16:57:56.171 VM: Intel CPU virtualization not supported
16:58:42.674 AVAST engine defs: 14081200
16:58:47.573 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
16:58:47.573 Disk 0 Vendor: SAMSUNG_ HH10 Size: 152627MB BusType: 3
16:58:47.916 Disk 0 MBR read successfully
16:58:47.931 Disk 0 MBR scan
16:58:48.009 Disk 0 Windows VISTA default MBR code
16:58:48.009 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
16:58:48.041 Disk 0 Partition 2 00 06 FAT16 10000 MB offset 81920
16:58:48.072 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 140026 MB offset 20561920
16:58:48.150 Disk 0 Partition 4 00 06 FAT16 2559 MB offset 307337216
16:58:48.165 Disk 0 scanning sectors +312578048
16:58:48.680 Disk 0 scanning C:\Windows\system32\drivers
16:59:20.420 Service scanning
16:59:39.091 Service MpKslb1b04789 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BB6E96FC-71D2-4038-851B-7C230689A908}\MpKslb1b04789.sys **LOCKED** 32
17:00:05.408 Modules scanning
17:00:14.472 Disk 0 trace - called modules:
17:00:14.503 ntkrnlpa.exe hal.dll CLASSPNP.SYS disk.sys iaStor.sys
17:00:14.503 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87705860]
17:00:14.519 3 CLASSPNP.SYS[849a98b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x874da028]
17:00:15.533 AVAST engine scan C:\Windows
17:00:20.119 AVAST engine scan C:\Windows\system32
17:06:26.097 AVAST engine scan C:\Windows\system32\drivers
17:06:53.752 AVAST engine scan C:\Users\Ffej
17:07:21.878 AVAST engine scan C:\ProgramData
17:08:39.578 Scan finished successfully
17:09:08.473 Disk 0 MBR has been saved successfully to "J:\MBR.dat"
17:09:08.536 The log file has been saved successfully to "J:\aswMBR.txt"