Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Cannot log into certain web sites [Solved]

login internet web sites

  • This topic is locked This topic is locked

#16
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 430 posts

Rkill 2.6.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingc...opic308364.html

Program started at: 09/03/2014 06:57:03 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Users\WAYNE\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe (PID: 2360) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 09/03/2014 06:58:25 AM
Execution time: 0 hours(s), 1 minute(s), and 22 seconds(s)

 


  • 0

Advertisements


#17
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 430 posts

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-09-2014
Ran by WAYNE at 2014-09-03 07:03:34 Run:2
Running from C:\Users\WAYNE\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
EmptyTemp:
*****************

EmptyTemp: => Removed 10 GB temporary data.


The system needed a reboot.

==== End of Fixlog ====


  • 0

#18
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 430 posts

I uninstalled Security Essentials but I see I still have an icon for it.

 

Before I forget, I want to ask you: I have Secunia PSI to check for out of date programs and update them. It was recommended by a geeks member a few years ago. It's not the most user friendly. Do you PSI, or can you recommend something else?


  • 0

#19
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 430 posts

Can you tell me if I have any viruses that can read my keystrokes, like if I was to enter passwords on sensitive sites like my bank?


  • 0

#20
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

Hello again wayneman50,

 

 

It's not the most user friendly. Do you PSI, or can you recommend something else?


No I don't use it. Every now and then I just update the drivers through the hardware update wizard in device management (Control Panel > Device Management, right click on the driver/item and select Update Driver Software ). There is FileHippo Update Checker which I know is used by quite a few people.
 

Can you tell me if I have any viruses that can read my keystrokes, like if I was to enter passwords on sensitive sites like my bank?


There is malicious software that can follow your keystrokes and there is (very rare I think in the personal computer area) hardware that can be used to follow keystrokes.

A colleague has carried out some research on this.

He says

If the keylogger is software based, the best free antikeylogger software I know is IHateKeyloggers.. I tested it myself on 5 different commercial keyloggers.. While it can't block screencapture, it blocks all commercial keystroke logging software that I tested (yes, all commercial keylogger program that I tested).. It won't remove the keylogger software, but it will blok the keystroke from being logged. There maybe others but I strongly recommend IHateKeyloggers


http://dewasoft.com/...-keyloggers.htm

For hardware based keyloggers he provides these links with some information:

http://dewasoft.com/...-keyloggers.htm

http://www.keelog.com/diy.html

If you're afraid of keylogging passwords use a password program like Password Corral or Password Vault. That way the only things logged will be stuff like Ctrl-F1, Ctrl-V instead of *****************************************.

KeyScrambler is very good as well, its a Firefox add-on.



I uninstalled Security Essentials but I see I still have an icon for it.


Is that still there after a reboot?

If it is then please do this:

Please run another FRST scan with the Addition.txt box ticked and post back the two logs generated - FRST.txt and Addition.txt.

After that

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you may need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

Disable your security programs.

  • Click the blue Run ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
     then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow/install to install. If your firewall asks whether you want to allow installation, say yes. If asked, click yes to allow the program to run on your computer.
  • Check "Enable detection of potentially unwanted applications"
  • Click on Start and say yes to allow the program to proceed.
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed click "List of found threats" and click again on Copy to clipboard. Open notepad and past in the clipboard list. Save it as ESET log somewhere that you can find .
  • After that click the button "Back"
  • Select and check Uninstall application on close and Delete quarantined files.
  • Then click on: Finish
  • Copy and paste the ESET log back here and tell me how your machine is now.

 

 


  • 0

#21
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 430 posts

So you can't tell from my logs if I have a keylogger? There's no way to tell? Can you and the other geeks members only track down malware/viruses that display symptoms?

 

I will perform the steps you have specified and get back to you.

 

I am grateful for your help.


  • 0

#22
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 430 posts

I sometimes worry: Do I have a virus or malware that's doing something that I'm not aware of at the present time?


  • 0

#23
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

So you can't tell from my logs if I have a keylogger? There's no way to tell? Can you and the other geeks members only track down malware/viruses that display symptoms?


There are two parts to those sentences.

Firstly, we can never be sure we have completely cleaned a machine. The only way you can be sure is if you format the hard drive. Even then, when you reinstall your software and data you may reintroduce something. Also a reformat only deals with the software, if there is an hardware intrusion that would still be there after a format. The only way to get rid of that is to physically removed it.

Secondly, we do work on looking for malware that displays symptoms but we also use tools/scans that look for signs of software that shouldn't be there. Malware may not necessarily display symptoms.
 

I sometimes worry: Do I have a virus or malware that's doing something that I'm not aware of at the present time?


In my view you can never be completely sure. Having said that, if your machine is performing well, no bad symptoms, nothing suspicious and good security program scans show things as clean, then I think you can be pretty confident.
 


  • 0

#24
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 430 posts

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by WAYNE (administrator) on WAYNE-HP on 03-09-2014 19:43:24
Running from C:\Users\WAYNE\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 10\cbService.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Verizon) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
() C:\Users\WAYNE\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Roxio) C:\Program Files (x86)\Roxio\Drag-to-Disc\DrgToDsc.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 10\cbInterface.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Verizon) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\VzDetectAgent.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [568888 2010-01-18] ()
HKLM\...\Run: [VDownloader] => C:\Program Files\VDownloader\VDownloader.exe [882176 2013-12-20] (Vitzo)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [563736 2009-10-14] (PDF Complete Inc)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [RoxioDragToDisc] => C:\Program Files (x86)\Roxio\Drag-to-Disc\DrgToDsc.exe [1116920 2006-08-17] (Roxio)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-07-27] (InstallShield Software Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [Cobian Backup 10 Interface] => C:\Program Files (x86)\Cobian Backup 10\cbInterface.exe [3154432 2010-09-23] (Luis Cobian, CobianSoft)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1056976 2014-06-27] (Carbonite, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-17] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-08-19] (Hewlett-Packard)
HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bincom <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Binscr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *‮* <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Binpif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Binexe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\techwizard\mediamanager.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\inst.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\anvsoft\youtube.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\anvsoft\youtube.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\inst.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\anvsoft\youtube.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\techwizard\mediamanager.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\anvsoft\youtube.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\windowsxp-kb969084-x86-enu.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\techwizard\mediamanager.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\inst.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\techwizard\mediamanager.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\inst.exe <====== ATTENTION
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-07-27] (InstallShield Software Corporation)
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\Run: [Amazon Cloud Player] => C:\Users\WAYNE\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3140608 2014-01-14] ()
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-10-24] (AMD)
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk
ShortcutTarget: Snapfish PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: Carbonite.Green -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: Carbonite.Partial -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: Carbonite.Yellow -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Carbonite.Green -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: Carbonite.Partial -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: Carbonite.Yellow -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.briansetzer.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0D11E902-D1C8-47D3-A1B4-C5BB9C28A6CA} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.co...q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: HKLM-x32 {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoft...s/as2stubie.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\WAYNE\AppData\Roaming\Mozilla\Firefox\Profiles\0xpjobj2.default-1398125402060
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandasecurity.com/activescan -> C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101710.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-01-21]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-17]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-17] (AVAST Software)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 cbVSCService; C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe [67584 2010-09-23] (CobianSoft, Luis Cobian) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2369720 2014-08-01] (Microsoft Corporation)
R2 CobianBackup10; C:\Program Files (x86)\Cobian Backup 10\cbService.exe [1125376 2010-09-23] (Luis Cobian, CobianSoft) [File not signed]
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 IHA_MessageCenter; C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [358984 2014-05-21] (Verizon) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2009-10-14] (PDF Complete Inc)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-11-04] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-11-04] (Secunia)
S3 stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [73728 2006-09-14] (MicroVision Development, Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AODDriver4.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-17] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-17] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-17] ()
R2 DLABMFSE; C:\Windows\System32\DLA\DLABMFSE.SYS [44152 2006-08-18] (Roxio)
R2 DLABOIOE; C:\Windows\System32\DLA\DLABOIOE.SYS [41976 2006-08-18] (Roxio)
S1 DLACDBHE; C:\Windows\System32\Drivers\DLACDBHE.SYS [15992 2006-08-11] (Roxio)
R2 DLADResE; C:\Windows\System32\DLA\DLADResE.SYS [10360 2006-08-18] (Roxio)
R2 DLAIFS_E; C:\Windows\System32\DLA\DLAIFS_E.SYS [141432 2006-08-18] (Roxio)
R2 DLAOPIOE; C:\Windows\System32\DLA\DLAOPIOE.SYS [33656 2006-08-18] (Roxio)
R2 DLAPoolE; C:\Windows\System32\DLA\DLAPoolE.SYS [18040 2006-08-18] (Roxio)
R1 DLARTL_E; C:\Windows\System32\Drivers\DLARTL_E.SYS [39288 2006-08-11] (Roxio)
R2 DLAUDFAE; C:\Windows\System32\DLA\DLAUDFAE.SYS [136952 2006-08-18] (Roxio)
R2 DLAUDF_E; C:\Windows\System32\DLA\DLAUDF_E.SYS [143096 2006-08-18] (Roxio)
R0 DRVECDB; C:\Windows\System32\Drivers\DRVECDB.SYS [122776 2006-07-21] (Sonic Solutions)
R2 DRVEDDM; C:\Windows\System32\Drivers\DRVEDDM.SYS [63608 2006-08-11] (Roxio)
R0 pavboot; C:\Windows\System32\drivers\pavboot64.sys [33800 2009-06-30] (Panda Security, S.L.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-11-04] (Secunia)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 06:57 - 2014-09-03 06:58 - 00002292 _____ () C:\Users\WAYNE\Desktop\Rkill.txt
2014-09-03 06:56 - 2014-09-03 06:56 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\WAYNE\Desktop\rkill.com
2014-09-02 21:26 - 2014-09-02 21:26 - 00045376 _____ () C:\Users\WAYNE\Desktop\Addition.txt
2014-09-02 21:24 - 2014-09-03 19:43 - 00039824 _____ () C:\Users\WAYNE\Desktop\FRST.txt
2014-09-02 21:24 - 2014-09-03 19:43 - 00000000 ____D () C:\FRST
2014-09-02 21:23 - 2014-09-02 21:23 - 02104832 _____ (Farbar) C:\Users\WAYNE\Desktop\FRST64.exe
2014-09-02 21:15 - 2014-09-02 21:15 - 00000000 _____ () C:\Windows\SysWOW64\sho1DFC.tmp
2014-09-02 21:09 - 2014-09-02 21:14 - 00000000 ____D () C:\AdwCleaner
2014-09-02 20:30 - 2014-09-02 20:30 - 01370483 _____ () C:\Users\WAYNE\Desktop\AdwCleaner.exe
2014-09-02 20:15 - 2014-09-02 20:20 - 00396735 _____ () C:\Users\WAYNE\Downloads\avgremover.log
2014-09-02 20:15 - 2014-09-02 20:15 - 03386520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\WAYNE\Downloads\avg_remover_stf_x64_2014_4116.exe
2014-08-28 07:24 - 2014-08-28 07:24 - 00089902 _____ () C:\Users\WAYNE\Desktop\Extras.Txt
2014-08-28 07:22 - 2014-08-28 07:22 - 00115900 _____ () C:\Users\WAYNE\Desktop\OTL.Txt
2014-08-28 07:10 - 2014-08-28 07:10 - 00602112 _____ (OldTimer Tools) C:\Users\WAYNE\Desktop\OTL.exe
2014-08-27 14:10 - 2014-08-22 22:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 14:10 - 2014-08-22 21:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 14:10 - 2014-08-22 20:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-20 14:12 - 2014-08-20 14:12 - 00001745 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-20 14:12 - 2014-08-20 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-20 14:12 - 2014-08-20 14:12 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-20 14:12 - 2014-08-20 14:12 - 00000000 ____D () C:\Program Files\iTunes
2014-08-20 14:12 - 2014-08-20 14:12 - 00000000 ____D () C:\Program Files\iPod
2014-08-20 14:12 - 2014-08-20 14:12 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-19 20:35 - 2014-09-03 07:08 - 00027814 _____ () C:\Windows\PFRO.log
2014-08-19 17:18 - 2014-08-19 17:18 - 00001090 _____ () C:\Users\Public\Desktop\DVDFab 9 US.lnk
2014-08-19 17:18 - 2014-08-19 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9 US
2014-08-19 17:18 - 2014-08-19 17:18 - 00000000 ____D () C:\Program Files (x86)\DVDFab 9 US
2014-08-19 17:15 - 2014-08-19 17:15 - 54709888 _____ (Fengtao Software Inc. ) C:\Users\WAYNE\Downloads\DVDFab9163US.exe
2014-08-18 13:53 - 2014-08-18 18:27 - 00008680 _____ () C:\Users\WAYNE\Documents\Vanguard reinvestments.xlsx
2014-08-17 11:19 - 2014-08-17 11:19 - 00000000 ____D () C:\Users\WAYNE\AppData\Roaming\AVAST Software
2014-08-17 11:18 - 2014-09-02 20:21 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-17 11:18 - 2014-08-17 11:18 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-17 11:18 - 2014-08-17 11:18 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-17 11:18 - 2014-08-17 11:18 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-17 11:18 - 2014-08-17 11:18 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-17 11:18 - 2014-08-17 11:18 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-17 11:18 - 2014-08-17 11:18 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-17 11:18 - 2014-08-17 11:18 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-17 11:18 - 2014-08-17 11:18 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-17 11:18 - 2014-08-17 11:18 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-17 11:18 - 2014-08-17 11:18 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-17 11:18 - 2014-08-17 11:18 - 00001928 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-17 11:18 - 2014-08-17 11:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-17 11:06 - 2014-08-17 11:06 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-17 11:05 - 2014-08-17 11:06 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-17 10:08 - 2014-09-01 21:28 - 00009630 _____ () C:\Users\WAYNE\Documents\Fidelity reinvestment.xlsx
2014-08-14 12:33 - 2014-08-14 12:34 - 00001847 _____ () C:\DelFix.txt
2014-08-14 08:30 - 2014-08-14 08:30 - 00000000 _____ () C:\Windows\SysWOW64\sho66F1.tmp
2014-08-14 08:17 - 2014-08-14 08:17 - 00053248 _____ () C:\Windows\SysWOW64\zlib.dll
2014-08-14 08:17 - 2014-08-14 08:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foolish IT
2014-08-14 08:17 - 2014-08-14 08:17 - 00000000 ____D () C:\ProgramData\Foolish IT
2014-08-14 08:17 - 2014-08-14 08:17 - 00000000 ____D () C:\Program Files (x86)\Foolish IT
2014-08-14 03:03 - 2014-06-30 18:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 03:03 - 2014-06-30 18:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 03:03 - 2014-03-09 17:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 03:03 - 2014-03-09 17:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 03:03 - 2014-03-09 17:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 03:03 - 2014-03-09 17:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 03:02 - 2014-06-06 02:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 03:02 - 2014-06-06 02:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 00:20 - 2014-07-15 23:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 00:20 - 2014-07-15 22:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-14 00:20 - 2014-07-08 22:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-14 00:20 - 2014-07-08 22:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-14 00:20 - 2014-07-08 22:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-14 00:20 - 2014-07-08 22:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-14 00:20 - 2014-07-08 22:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-14 00:20 - 2014-07-08 21:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-14 00:20 - 2014-07-08 21:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-14 00:20 - 2014-07-08 21:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-14 00:20 - 2014-07-08 21:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-14 00:20 - 2014-07-08 21:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-14 00:20 - 2014-07-08 18:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-14 00:20 - 2014-07-08 18:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-14 00:20 - 2014-06-24 22:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-14 00:20 - 2014-06-24 21:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-14 00:20 - 2014-06-15 22:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 00:20 - 2014-06-03 06:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 00:20 - 2014-06-03 06:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 00:20 - 2014-06-03 06:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 00:20 - 2014-06-03 06:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 00:20 - 2014-06-03 05:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 00:20 - 2014-06-03 05:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 00:20 - 2014-06-03 05:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-14 00:19 - 2014-08-06 22:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-14 00:19 - 2014-08-06 22:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-14 00:19 - 2014-07-31 19:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 00:19 - 2014-07-31 19:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-14 00:19 - 2014-07-25 10:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 00:19 - 2014-07-25 10:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 00:19 - 2014-07-25 10:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 00:19 - 2014-07-25 09:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-14 00:19 - 2014-07-25 09:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 00:19 - 2014-07-25 09:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 00:19 - 2014-07-25 09:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-14 00:19 - 2014-07-25 09:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 00:19 - 2014-07-25 09:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-14 00:19 - 2014-07-25 09:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 00:19 - 2014-07-25 09:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 00:19 - 2014-07-25 09:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-14 00:19 - 2014-07-25 09:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 00:19 - 2014-07-25 09:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 00:19 - 2014-07-25 09:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-14 00:19 - 2014-07-25 08:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-14 00:19 - 2014-07-25 08:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 00:19 - 2014-07-25 08:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 00:19 - 2014-07-25 08:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-14 00:19 - 2014-07-25 08:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-14 00:19 - 2014-07-25 08:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-14 00:19 - 2014-07-25 08:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-14 00:19 - 2014-07-25 08:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 00:19 - 2014-07-25 08:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 00:19 - 2014-07-25 08:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-14 00:19 - 2014-07-25 08:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 00:19 - 2014-07-25 08:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-14 00:19 - 2014-07-25 08:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 00:19 - 2014-07-25 08:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-14 00:19 - 2014-07-25 08:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-14 00:19 - 2014-07-25 08:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 00:19 - 2014-07-25 08:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-14 00:19 - 2014-07-25 08:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-14 00:19 - 2014-07-25 08:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-14 00:19 - 2014-07-25 07:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-14 00:19 - 2014-07-25 07:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 00:19 - 2014-07-25 07:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-14 00:19 - 2014-07-25 07:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 00:19 - 2014-07-25 07:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 00:19 - 2014-07-25 07:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-14 00:19 - 2014-07-25 07:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-14 00:19 - 2014-07-25 07:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-14 00:19 - 2014-07-25 07:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-14 00:19 - 2014-07-25 07:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 00:19 - 2014-07-25 07:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-14 00:19 - 2014-07-25 07:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-14 00:19 - 2014-07-25 07:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-14 00:19 - 2014-07-25 07:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-14 00:19 - 2014-07-25 06:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 00:19 - 2014-07-25 06:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 00:19 - 2014-07-25 06:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-14 00:19 - 2014-07-25 06:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-14 00:19 - 2014-07-25 06:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-14 00:19 - 2014-07-25 06:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-14 00:19 - 2014-07-13 22:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 00:19 - 2014-07-13 21:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 08:36 - 2014-08-13 08:36 - 00960320 _____ (Foolish IT LLC ) C:\Users\WAYNE\Downloads\CryptoPreventSetup.exe
2014-08-12 22:00 - 2014-08-12 22:36 - 00000000 ____D () C:\Windows\erdnt
2014-08-11 18:21 - 2014-08-24 20:28 - 00000906 _____ () C:\Users\WAYNE\Documents\Tim Devine trade.txt
2014-08-11 17:47 - 2014-08-11 17:47 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-11 17:47 - 2014-08-11 17:47 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-11 17:47 - 2014-08-11 17:47 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-11 17:47 - 2014-08-11 17:47 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-11 17:47 - 2014-08-11 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-05 16:57 - 2014-08-05 16:57 - 00290816 _____ (SUPERAntiSpyware.com) C:\Users\WAYNE\Downloads\SASUNINST64.EXE
2014-08-04 23:38 - 2014-08-06 20:15 - 00003451 _____ () C:\Users\WAYNE\Documents\Love Never Felt So Good.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 19:43 - 2014-09-02 21:24 - 00039824 _____ () C:\Users\WAYNE\Desktop\FRST.txt
2014-09-03 19:43 - 2014-09-02 21:24 - 00000000 ____D () C:\FRST
2014-09-03 19:43 - 2012-04-06 05:44 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-03 19:31 - 2010-12-28 18:01 - 01330089 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 18:53 - 2014-07-10 08:26 - 00004974 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for WAYNE-HP-WAYNE WAYNE-HP
2014-09-03 18:43 - 2009-07-14 00:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 18:43 - 2009-07-14 00:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 18:35 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-03 18:35 - 2009-07-14 00:51 - 00163868 _____ () C:\Windows\setupact.log
2014-09-03 07:08 - 2014-08-19 20:35 - 00027814 _____ () C:\Windows\PFRO.log
2014-09-03 06:58 - 2014-09-03 06:57 - 00002292 _____ () C:\Users\WAYNE\Desktop\Rkill.txt
2014-09-03 06:56 - 2014-09-03 06:56 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\WAYNE\Desktop\rkill.com
2014-09-02 21:26 - 2014-09-02 21:26 - 00045376 _____ () C:\Users\WAYNE\Desktop\Addition.txt
2014-09-02 21:23 - 2014-09-02 21:23 - 02104832 _____ (Farbar) C:\Users\WAYNE\Desktop\FRST64.exe
2014-09-02 21:15 - 2014-09-02 21:15 - 00000000 _____ () C:\Windows\SysWOW64\sho1DFC.tmp
2014-09-02 21:14 - 2014-09-02 21:09 - 00000000 ____D () C:\AdwCleaner
2014-09-02 20:59 - 2011-08-23 03:01 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-09-02 20:30 - 2014-09-02 20:30 - 01370483 _____ () C:\Users\WAYNE\Desktop\AdwCleaner.exe
2014-09-02 20:21 - 2014-08-17 11:18 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-02 20:20 - 2014-09-02 20:15 - 00396735 _____ () C:\Users\WAYNE\Downloads\avgremover.log
2014-09-02 20:15 - 2014-09-02 20:15 - 03386520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\WAYNE\Downloads\avg_remover_stf_x64_2014_4116.exe
2014-09-02 19:41 - 2014-07-02 17:58 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-02 17:47 - 2011-04-21 15:20 - 00000000 ____D () C:\Users\WAYNE\Documents\VHS to DVD
2014-09-02 12:58 - 2012-06-03 05:45 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForWAYNE
2014-09-02 12:58 - 2012-06-03 05:45 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForWAYNE.job
2014-09-01 21:28 - 2014-08-17 10:08 - 00009630 _____ () C:\Users\WAYNE\Documents\Fidelity reinvestment.xlsx
2014-09-01 19:30 - 2014-07-03 08:08 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-29 12:58 - 2012-04-06 17:30 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-08-29 12:58 - 2011-01-22 10:11 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-08-29 00:01 - 2010-12-28 18:02 - 00000000 ____D () C:\ProgramData\PDFC
2014-08-28 07:24 - 2014-08-28 07:24 - 00089902 _____ () C:\Users\WAYNE\Desktop\Extras.Txt
2014-08-28 07:22 - 2014-08-28 07:22 - 00115900 _____ () C:\Users\WAYNE\Desktop\OTL.Txt
2014-08-28 07:10 - 2014-08-28 07:10 - 00602112 _____ (OldTimer Tools) C:\Users\WAYNE\Desktop\OTL.exe
2014-08-28 03:00 - 2009-07-14 00:45 - 00446968 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-25 18:12 - 2009-07-14 01:13 - 00783424 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-25 06:53 - 2011-01-20 21:12 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-24 20:28 - 2014-08-11 18:21 - 00000906 _____ () C:\Users\WAYNE\Documents\Tim Devine trade.txt
2014-08-22 22:07 - 2014-08-27 14:10 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 21:45 - 2014-08-27 14:10 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-22 20:59 - 2014-08-27 14:10 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 20:21 - 2012-03-13 09:38 - 00000000 ____D () C:\Users\WAYNE\Documents\DOV
2014-08-21 19:33 - 2014-04-30 15:53 - 00000000 ____D () C:\Users\WAYNE\Documents\Invoices for gigs
2014-08-20 14:12 - 2014-08-20 14:12 - 00001745 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-20 14:12 - 2014-08-20 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-20 14:12 - 2014-08-20 14:12 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-20 14:12 - 2014-08-20 14:12 - 00000000 ____D () C:\Program Files\iTunes
2014-08-20 14:12 - 2014-08-20 14:12 - 00000000 ____D () C:\Program Files\iPod
2014-08-20 14:12 - 2014-08-20 14:12 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-19 20:41 - 2012-04-06 05:44 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-19 20:41 - 2012-04-06 05:43 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-19 20:41 - 2011-05-24 15:34 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-19 17:18 - 2014-08-19 17:18 - 00001090 _____ () C:\Users\Public\Desktop\DVDFab 9 US.lnk
2014-08-19 17:18 - 2014-08-19 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9 US
2014-08-19 17:18 - 2014-08-19 17:18 - 00000000 ____D () C:\Program Files (x86)\DVDFab 9 US
2014-08-19 17:18 - 2013-04-28 15:38 - 00000000 ____D () C:\Users\WAYNE\Documents\DVDFab9
2014-08-19 17:18 - 2013-04-28 15:38 - 00000000 ____D () C:\Users\WAYNE\AppData\Roaming\DVDFab9
2014-08-19 17:15 - 2014-08-19 17:15 - 54709888 _____ (Fengtao Software Inc. ) C:\Users\WAYNE\Downloads\DVDFab9163US.exe
2014-08-18 18:27 - 2014-08-18 13:53 - 00008680 _____ () C:\Users\WAYNE\Documents\Vanguard reinvestments.xlsx
2014-08-18 13:52 - 2014-04-29 12:29 - 00010917 _____ () C:\Users\WAYNE\Documents\Nursing home gigs log.xlsx
2014-08-17 22:27 - 2011-01-20 11:30 - 00000000 ____D () C:\Users\WAYNE\AppData\Local\CrashDumps
2014-08-17 18:26 - 2011-02-27 11:58 - 00000000 ____D () C:\Users\WAYNE\AppData\Roaming\SoftGrid Client
2014-08-17 16:43 - 2011-04-12 15:32 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-17 11:19 - 2014-08-17 11:19 - 00000000 ____D () C:\Users\WAYNE\AppData\Roaming\AVAST Software
2014-08-17 11:18 - 2014-08-17 11:18 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-17 11:18 - 2014-08-17 11:18 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-17 11:18 - 2014-08-17 11:18 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-17 11:18 - 2014-08-17 11:18 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-17 11:18 - 2014-08-17 11:18 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-17 11:18 - 2014-08-17 11:18 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-17 11:18 - 2014-08-17 11:18 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-17 11:18 - 2014-08-17 11:18 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-17 11:18 - 2014-08-17 11:18 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-17 11:18 - 2014-08-17 11:18 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-17 11:18 - 2014-08-17 11:18 - 00001928 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-17 11:18 - 2014-08-17 11:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-17 11:06 - 2014-08-17 11:06 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-17 11:06 - 2014-08-17 11:05 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-16 22:56 - 2013-04-30 08:38 - 00000000 ____D () C:\Users\WAYNE\Documents\Rental
2014-08-15 09:46 - 2011-02-21 16:25 - 00000000 ____D () C:\Users\000
2014-08-14 12:34 - 2014-08-14 12:33 - 00001847 _____ () C:\DelFix.txt
2014-08-14 12:33 - 2014-07-30 22:16 - 00000000 ____D () C:\Windows\ERUNT
2014-08-14 12:33 - 2011-01-19 22:19 - 00000000 ____D () C:\Users\WAYNE
2014-08-14 12:00 - 2011-02-24 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
2014-08-14 12:00 - 2011-02-24 18:24 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-08-14 11:28 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-08-14 08:30 - 2014-08-14 08:30 - 00000000 _____ () C:\Windows\SysWOW64\sho66F1.tmp
2014-08-14 08:17 - 2014-08-14 08:17 - 00053248 _____ () C:\Windows\SysWOW64\zlib.dll
2014-08-14 08:17 - 2014-08-14 08:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foolish IT
2014-08-14 08:17 - 2014-08-14 08:17 - 00000000 ____D () C:\ProgramData\Foolish IT
2014-08-14 08:17 - 2014-08-14 08:17 - 00000000 ____D () C:\Program Files (x86)\Foolish IT
2014-08-14 03:39 - 2014-04-30 03:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-14 03:39 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 03:16 - 2013-07-11 07:20 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 03:12 - 2011-01-20 11:47 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-13 08:36 - 2014-08-13 08:36 - 00960320 _____ (Foolish IT LLC ) C:\Users\WAYNE\Downloads\CryptoPreventSetup.exe
2014-08-12 22:37 - 2011-02-21 16:25 - 00000000 ____D () C:\Users\DOV
2014-08-12 22:37 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default
2014-08-12 22:36 - 2014-08-12 22:00 - 00000000 ____D () C:\Windows\erdnt
2014-08-12 22:34 - 2009-07-13 22:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-12 22:10 - 2009-07-13 22:34 - 17825792 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-08-12 22:10 - 2009-07-13 22:34 - 102760448 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-08-12 22:10 - 2009-07-13 22:34 - 01310720 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-08-12 22:10 - 2009-07-13 22:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-08-12 22:10 - 2009-07-13 22:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-08-12 22:06 - 2010-12-28 18:07 - 00000000 ____D () C:\ProgramData\Temp
2014-08-11 18:34 - 2012-05-31 19:18 - 00003842 _____ () C:\Users\WAYNE\Documents\Buy stuff.txt
2014-08-11 17:48 - 2014-05-07 17:21 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-11 17:47 - 2014-08-11 17:47 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-11 17:47 - 2014-08-11 17:47 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-11 17:47 - 2014-08-11 17:47 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-11 17:47 - 2014-08-11 17:47 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-11 17:47 - 2014-08-11 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-11 17:47 - 2011-03-03 14:08 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-08 18:19 - 2014-03-16 07:37 - 00031232 _____ () C:\Users\WAYNE\Documents\Mood Swings mileage 2014.xls
2014-08-06 22:06 - 2014-08-14 00:19 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-06 22:01 - 2014-08-14 00:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 20:15 - 2014-08-04 23:38 - 00003451 _____ () C:\Users\WAYNE\Documents\Love Never Felt So Good.txt
2014-08-06 09:57 - 2011-02-25 21:51 - 00000000 ____D () C:\Program Files (x86)\SpywareGuard
2014-08-05 17:16 - 2014-07-18 18:16 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-08-05 17:00 - 2009-07-14 01:08 - 00032558 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-05 16:57 - 2014-08-05 16:57 - 00290816 _____ (SUPERAntiSpyware.com) C:\Users\WAYNE\Downloads\SASUNINST64.EXE
2014-08-05 15:23 - 2014-01-23 10:43 - 00013052 _____ () C:\Users\WAYNE\Documents\Nursing home gigs potential.xlsx
2014-08-04 22:43 - 2011-02-27 14:06 - 00000000 ____D () C:\Users\HP_Administrator\AppData\Local\CrashDumps

Files to move or delete:
====================
C:\Users\000\WindowsXP-KB969084-x86-enu.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-27 00:21

==================== End Of Log ============================


  • 0

#25
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 430 posts

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2014
Ran by WAYNE at 2014-09-03 19:44:19
Running from C:\Users\WAYNE\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Amazing Slow Downer (remove only) (HKLM-x32\...\Amazing Slow Downer) (Version:  - )
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.3.0.422 - Amazon Services LLC)
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 2.5.732.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Any Video Converter 5.0.5 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Any Video Converter Ultimate 5.5.3 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Problem Report Wizard (Version: 3.0.821.0 - ATI Technologies) Hidden
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version:  - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bing Bar (HKLM-x32\...\{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}) (Version: 7.0.609.0 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-7360N (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Carbonite (HKLM-x32\...\Carbonite Backup) (Version: 5.5.5 build 4151  (Jun-27-2014) - Carbonite)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CD Wave Editor version 1.72 (HKLM-x32\...\CD Wave_is1) (Version: 1.72 - )
CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
Cobian Backup 10 (HKLM-x32\...\CobBackup10) (Version:  - )
CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version:  - Foolish IT LLC)
CyberLink DVD Suite Premium (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2823 - CyberLink Corp.)
CyberLink DVD Suite Premium (x32 Version: 7.0.2823 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4030 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
DVDFab 6.2.1.8 (31/12/2009) (HKLM-x32\...\DVDFab 6_is1) (Version:  - Fengtao Software Inc.)
DVDFab 8.0.8.5 (19/03/2011) (HKLM-x32\...\DVDFab 8_is1) (Version:  - Fengtao Software Inc.)
DVDFab 8.2.2.7 (06/02/2013) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version:  - Fengtao Software Inc.)
DVDFab 9.1.3.6 (20/03/2014) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
DVDFab 9.1.6.3 (18/08/2014) (HKLM-x32\...\DVDFab 9 US_is1) (Version:  - Fengtao Software Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version:  - )
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.1.618 - Foxit Corporation)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
honestech VHS to DVD 5.0 Deluxe (HKLM-x32\...\{44FF002B-5AB3-4447-8F98-614387B63EE6}) (Version: 5.0 - honestech)
honestech VHS to DVD 5.0 Deluxe (x32 Version: 5.0 - honestech) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4229 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 4.1.4229 - Hewlett-Packard) Hidden
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.1.4301 - Hewlett-Packard)
HP MediaSmart Music (x32 Version: 4.1.4301 - Hewlett-Packard) Hidden
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4211 - Hewlett-Packard)
HP MediaSmart Photo (x32 Version: 4.1.4211 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4214 - Hewlett-Packard)
HP MediaSmart Video (x32 Version: 4.1.4214 - Hewlett-Packard) Hidden
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{BDDA1E1E-204E-4368-B0C2-737F16B76307}) (Version: 1.0.3.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.2.27173 - Hewlett-Packard)
HydraVision (x32 Version: 4.2.212.0 - Advanced Micro Devices, Inc.) Hidden
IHA_MessageCenter (HKLM-x32\...\{53C49C8D-DFB2-42B9-A7EF-0F9CA386CC13}) (Version: 1.8.17 - Verizon)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version:  - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2823 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2823 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
LP Recorder (HKLM-x32\...\{375DBB30-93A7-11DF-6DF1-00CE5F8B1649}) (Version: 10.1.1.0 - CFB Software)
LP Ripper (HKLM-x32\...\LP Ripper) (Version:  - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Default Manager (x32 Version: 2.2.114.0 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4641.1003 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Panda ActiveScan 2.0 (HKLM-x32\...\ActiveScan 2.0) (Version: 01.04.01.0000 - Panda Security)
Panda USB Vaccine 1.0.1.4 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version:  - Panda Security)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.111 - PDF Complete, Inc)
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.28 - Hewlett-Packard Company)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4022 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4022 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2906 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.2906 - CyberLink Corp.) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-13231864975D}) (Version: 5.10.621.0 -  NewspaperDirect Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
Recovery Manager (x32 Version: 5.5.2926 - CyberLink Corp.) Hidden
Roxio CinemaNow 2.0 (x32 Version: 1.0.284 - Hewlett-Packard) Hidden
Roxio Creator Audio (HKLM-x32\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.3.0 - Roxio)
Roxio Creator Copy (HKLM-x32\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.3.0 - Roxio)
Roxio Creator Data (HKLM-x32\...\{0D397393-9B50-4c52-84D5-77E344289F87}) (Version: 3.3.0 - Roxio)
Roxio Creator DE (HKLM-x32\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.3.0 - Roxio)
Roxio Creator Tools (HKLM-x32\...\{0394CDC8-FABD-4ed8-B104-03393876DFDF}) (Version: 3.3.0 - Roxio)
Roxio Drag-to-Disc (HKLM\...\{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}) (Version: 9.0 - Roxio)
Roxio Express Labeler (HKLM-x32\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 2.1.0 - Roxio)
Roxio Update Manager (HKLM-x32\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Roxio)
Scansoft PDF Professional (x32 Version:  - ) Hidden
Secunia PSI (3.0.0.9015) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9015 - Secunia)
Sonic Activation Module (x32 Version: 1.0 - Sonic Solutions) Hidden
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TurboTax 2010 (HKLM-x32\...\TurboTax 2010) (Version:  - Intuit, Inc)
TurboTax 2010 WinPerFedFormset (x32 Version: 010.000.4012 - Intuit Inc.) Hidden
TurboTax 2010 WinPerReleaseEngine (x32 Version: 010.000.0457 - Intuit Inc.) Hidden
TurboTax 2010 WinPerTaxSupport (x32 Version: 010.000.0213 - Intuit Inc.) Hidden
TurboTax 2010 wmdiper (x32 Version: 010.000.1238 - Intuit Inc.) Hidden
TurboTax 2010 wrapper (x32 Version: 010.000.0157 - Intuit Inc.) Hidden
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2012 WinPerFedFormset (x32 Version: 012.000.2309 - Intuit Inc.) Hidden
TurboTax 2012 WinPerReleaseEngine (x32 Version: 012.000.0474 - Intuit Inc.) Hidden
TurboTax 2012 WinPerTaxSupport (x32 Version: 012.000.0186 - Intuit Inc.) Hidden
TurboTax 2012 wmdiper (x32 Version: 012.000.1471 - Intuit Inc.) Hidden
TurboTax 2012 wrapper (x32 Version: 012.000.0127 - Intuit Inc.) Hidden
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2013 WinPerFedFormset (x32 Version: 013.000.1755 - Intuit Inc.) Hidden
TurboTax 2013 WinPerReleaseEngine (x32 Version: 013.000.0463 - Intuit Inc.) Hidden
TurboTax 2013 WinPerTaxSupport (x32 Version: 013.000.0162 - Intuit Inc.) Hidden
TurboTax 2013 wmdiper (x32 Version: 013.000.1110 - Intuit Inc.) Hidden
TurboTax 2013 wrapper (x32 Version: 013.000.0135 - Intuit Inc.) Hidden
USB2.0 VIDBOX NW03  (HKLM-x32\...\{2758691A-2CDE-4942-A4AC-0E8F61FE2067}) (Version: 3.0.2 - honestech)
vanBasco's Karaoke Player (HKLM-x32\...\VMidi) (Version:  - )
VDownloader 3.9.1662 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version:  - Vitzo Limited)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.2811 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.2811 - Zinio LLC) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

30-08-2014 06:00:06 Windows Backup
01-09-2014 23:36:23 Windows Update
02-09-2014 00:31:37 Windows Backup
02-09-2014 06:00:06 Windows Backup
03-09-2014 06:00:05 Windows Backup

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2014-08-12 22:34 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05C2AFAB-1669-4270-B908-5AEDD12DCF61} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe
Task: {06877174-721E-4255-AA9C-BE854A0E114D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-08-04] (Hewlett-Packard)
Task: {38B71762-1284-4B94-A366-CB1F0AE79EB2} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {4FED3EAD-C506-4B64-8138-5E7F988C17C0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-17] (AVAST Software)
Task: {7223C9AA-C842-44C1-92BE-D79A98AF1AD5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-01] (Microsoft Corporation)
Task: {737D388B-8F48-4B1B-87DB-2CC1255EA968} - System32\Tasks\{B75BA780-F5C2-489E-96D9-B441EA0F8F48} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [2014-06-27] (Carbonite, Inc.)
Task: {742C998D-9267-4B64-BB56-9C85614E5EC7} - System32\Tasks\{3B88E11C-6EEE-4B9C-A1F4-ABB279A8096C} => C:\Program Files (x86)\SpywareGuard\sgmain.exe
Task: {7ACC31A4-07AC-4E7A-A258-6F5A96BD87F8} - System32\Tasks\Microsoft Office 15 Sync Maintenance for WAYNE-HP-WAYNE WAYNE-HP => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-08-29] (Microsoft Corporation)
Task: {81821ACE-5831-4B79-8C1C-F8757FC95A30} - System32\Tasks\{7E68DA7F-2A76-4A84-BFB3-3B6DAA99BDF6} => C:\Users\WAYNE\Downloads\AdobeFlashPlayer_11.5.502.110_ax_SPS.exe
Task: {835B6DC2-1078-473F-804A-5D06AAAAE057} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-29] (Microsoft Corporation)
Task: {8B16E2C5-FF87-41D9-9310-00FC75F06ABA} - System32\Tasks\{5FBB4B39-272E-4C4F-878B-627233C1A795} => C:\Users\WAYNE\Desktop\Flash_Disinfector.exe
Task: {90024603-975D-469C-9ED7-EB984DF25BE7} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {9995EF72-A48A-4938-A1FE-F1A0E656C81A} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] ()
Task: {9A251B2E-642E-4BAF-B7A6-8DCB81AA4D15} - System32\Tasks\HPCeeScheduleForWAYNE => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {9E67EE41-AB70-4A98-92E3-731CE177AB97} - System32\Tasks\{94E71E9B-7B6C-401D-89CE-5E5DDAF5EAAE} => C:\Users\WAYNE\Desktop\Flash_Disinfector.exe
Task: {AC0D89B0-E4ED-4F1C-AF28-F3D309FBC436} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-19] (Adobe Systems Incorporated)
Task: {B33FC54A-1480-440A-9D62-CD088134DCA4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-29] (Microsoft Corporation)
Task: {BB7E4936-8FFC-4A58-8994-E027535C3860} - System32\Tasks\{DFF6108C-8171-4724-9F72-B13C97BB0FE3} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [2014-06-27] (Carbonite, Inc.)
Task: {BDF241B4-22EC-4B9B-BA91-D65EBFFC20CF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {CE6001F5-C4AA-4BE0-822C-0286380D0109} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {D7D6649F-71A9-47BD-8645-421C19840DD2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {EF734928-4CE7-4D91-A444-A5AF158E76E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HPCeeScheduleForWAYNE.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2014-07-03 08:08 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-08-29 06:07 - 2014-08-29 06:07 - 08892576 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2011-03-06 10:58 - 2006-08-18 14:17 - 00049912 _____ () C:\Windows\system32\DLAAPI_W.DLL
2010-01-18 14:21 - 2010-01-18 14:21 - 00568888 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2014-02-04 16:50 - 2014-01-14 15:46 - 03140608 _____ () C:\Users\WAYNE\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2014-04-17 22:29 - 2014-04-17 22:29 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-08-17 11:18 - 2014-08-17 11:18 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-03 05:27 - 2014-09-03 05:27 - 02808832 _____ () C:\Program Files\AVAST Software\Avast\defs\14090300\algo.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-02-24 18:39 - 2011-02-24 18:39 - 00854016 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll
2011-02-24 18:39 - 2011-02-24 18:39 - 00476520 _____ () C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
2013-06-25 06:29 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-08-17 11:18 - 2014-08-17 11:18 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:5C321E34

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/03/2014 06:39:37 PM) (Source: MsiInstaller) (EventID: 11706) (User: WAYNE-HP)
Description: Product: Roxio Update Manager -- Error 1706. An installation package for the product Roxio Update Manager cannot be found. Try the installation again using a valid copy of the installation package 'UM.MSI'.

Error: (09/03/2014 06:39:31 PM) (Source: MsiInstaller) (EventID: 11706) (User: WAYNE-HP)
Description: Product: Roxio Update Manager -- Error 1706. An installation package for the product Roxio Update Manager cannot be found. Try the installation again using a valid copy of the installation package 'UM.MSI'.

Error: (09/03/2014 07:11:20 AM) (Source: MsiInstaller) (EventID: 11706) (User: WAYNE-HP)
Description: Product: Roxio Update Manager -- Error 1706. An installation package for the product Roxio Update Manager cannot be found. Try the installation again using a valid copy of the installation package 'UM.MSI'.

Error: (09/03/2014 07:11:16 AM) (Source: MsiInstaller) (EventID: 11706) (User: WAYNE-HP)
Description: Product: Roxio Update Manager -- Error 1706. An installation package for the product Roxio Update Manager cannot be found. Try the installation again using a valid copy of the installation package 'UM.MSI'.

Error: (09/03/2014 02:14:06 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddWin32ServiceFiles: Unable to back up image of service SAS Core Service since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (09/03/2014 02:00:12 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddWin32ServiceFiles: Unable to back up image of service SAS Core Service since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (09/03/2014 00:40:31 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/03/2014 00:39:30 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (09/02/2014 09:22:07 PM) (Source: MsiInstaller) (EventID: 11706) (User: WAYNE-HP)
Description: Product: Roxio Update Manager -- Error 1706. An installation package for the product Roxio Update Manager cannot be found. Try the installation again using a valid copy of the installation package 'UM.MSI'.

Error: (09/02/2014 09:22:01 PM) (Source: MsiInstaller) (EventID: 11706) (User: WAYNE-HP)
Description: Product: Roxio Update Manager -- Error 1706. An installation package for the product Roxio Update Manager cannot be found. Try the installation again using a valid copy of the installation package 'UM.MSI'.


System errors:
=============
Error: (09/03/2014 07:20:38 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (09/03/2014 06:35:30 PM) (Source: Application Popup) (EventID: 876) (User: )
Description: Driver DLACDBHE.SYS has been blocked from loading.

Error: (09/03/2014 06:09:05 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (09/03/2014 03:55:40 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (09/03/2014 10:54:13 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (09/03/2014 10:42:07 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (09/03/2014 10:42:03 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (09/03/2014 10:41:56 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR3.

Error: (09/03/2014 10:41:56 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR3.

Error: (09/03/2014 10:41:55 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR3.


Microsoft Office Sessions:
=========================
Error: (09/03/2014 06:39:37 PM) (Source: MsiInstaller) (EventID: 11706) (User: WAYNE-HP)
Description: Product: Roxio Update Manager -- Error 1706. An installation package for the product Roxio Update Manager cannot be found. Try the installation again using a valid copy of the installation package 'UM.MSI'.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/03/2014 06:39:31 PM) (Source: MsiInstaller) (EventID: 11706) (User: WAYNE-HP)
Description: Product: Roxio Update Manager -- Error 1706. An installation package for the product Roxio Update Manager cannot be found. Try the installation again using a valid copy of the installation package 'UM.MSI'.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/03/2014 07:11:20 AM) (Source: MsiInstaller) (EventID: 11706) (User: WAYNE-HP)
Description: Product: Roxio Update Manager -- Error 1706. An installation package for the product Roxio Update Manager cannot be found. Try the installation again using a valid copy of the installation package 'UM.MSI'.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/03/2014 07:11:16 AM) (Source: MsiInstaller) (EventID: 11706) (User: WAYNE-HP)
Description: Product: Roxio Update Manager -- Error 1706. An installation package for the product Roxio Update Manager cannot be found. Try the installation again using a valid copy of the installation package 'UM.MSI'.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/03/2014 02:14:06 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service SAS Core Service since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (09/03/2014 02:00:12 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service SAS Core Service since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.

Error: (09/03/2014 00:40:31 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (09/03/2014 00:39:30 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files\microsoft office 15\root\office15\lync.exe.Manifestc:\program files\microsoft office 15\root\office15\UccApi.DLL1

Error: (09/02/2014 09:22:07 PM) (Source: MsiInstaller) (EventID: 11706) (User: WAYNE-HP)
Description: Product: Roxio Update Manager -- Error 1706. An installation package for the product Roxio Update Manager cannot be found. Try the installation again using a valid copy of the installation package 'UM.MSI'.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/02/2014 09:22:01 PM) (Source: MsiInstaller) (EventID: 11706) (User: WAYNE-HP)
Description: Product: Roxio Update Manager -- Error 1706. An installation package for the product Roxio Update Manager cannot be found. Try the installation again using a valid copy of the installation package 'UM.MSI'.(NULL)(NULL)(NULL)(NULL)(NULL)


CodeIntegrity Errors:
===================================
  Date: 2014-08-12 22:08:56.249
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-08-12 22:08:55.672
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: AMD Athlon™ II X4 635 Processor
Percentage of memory in use: 37%
Total physical RAM: 4095.29 MB
Available physical RAM: 2562.64 MB
Total Pagefile: 8188.75 MB
Available Pagefile: 6256.82 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:583.63 GB) (Free:269.58 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:12.44 GB) (Free:1.53 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Elements) (Fixed) (Total:465.76 GB) (Free:45.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 489EA3C9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=583.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 0002744A)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0

Advertisements


#26
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts
I uninstalled Security Essentials but I see I still have an icon for it.


I don't see Microsoft Security Essentials in those logs.

I assume you are referring to an icon on your desktop. I would just right click on it and delete.

Look forward to seeing how the ESET one goes. :)


  • 0

#27
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 430 posts

C:\Administrator\Application Data\Mozilla\Firefox\Profiles\bs5hwbn9.default\user.js    JS/SecurityDisabler.A.Gen potentially unwanted application    deleted - quarantined
C:\Users\WAYNE\Desktop\ARO2011_tbt.exe    a variant of Win32/Systweak potentially unwanted application    deleted - quarantined
 


  • 0

#28
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 430 posts

I still cannot log in.


  • 0

#29
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

Okay I think it's time to uninstall Firefox completely and then reinstall.

 

This time we are going to try another approach with uninstalling an re-installing Firefox. We need to remove your Firefox profile data and settings. Before we do this we want to backup your bookmarks.

To back up your bookmarks:

In Firefox click the Bookmarks button Show All Bookmarks (likely down the bottom) > click Import and Backup(toolbar along the top) > Export HTML...  and save it to your desktop.

Later when you re-install FF you can reverse the process and Import HTML... when the Wizard comes up just import the HTML file you had saved earlier.

Now

Please go to Uninstall Firefox and follow the instructions for uninstalling Firefox. Make sure you check the box to Remove my Firefox personal data and customizations.

After that reinstall Firefox.

Note: If you do not have the Firefox Installer on your machine you will need to download it from here.

 


  • 0

#30
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 430 posts

If you don't mind me asking...Since I can't log in on via Internet Explorer either, is the problem really with Firefox?


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP