Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

computer acting real slow [Closed]


  • This topic is locked This topic is locked

#16
kingkeef

kingkeef

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts

Computer seems to come to a halt for about 5 seconds every 20 seconds or so especially when watching a youtube video. this mostly happens on google chrome. will post logs tomorrow, sorry I was away for a while.


  • 0

Advertisements


#17
kingkeef

kingkeef

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-09-2014
Ran by Arthur (administrator) on ARTHUR-PC on 23-09-2014 14:34:22
Running from C:\Users\Arthur\Desktop
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.5.0.19\NIS.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\WINDOWS\System32\drivers\XAudio.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.5.0.19\NIS.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(OsdMaestro) C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\WINDOWS\System32\schtasks.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Sun Microsystems, Inc.) C:\WINDOWS\System32\jusched.exe
(Intel Corporation) C:\WINDOWS\System32\igfxsrvc.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Akamai Technologies, Inc.) C:\Users\Arthur\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Akamai Technologies, Inc.) C:\Users\Arthur\AppData\Local\Akamai\netsession_win.exe
(Skillbrains) C:\Users\Arthur\AppData\Local\Skillbrains\lightshot\5.1.4.9\Lightshot.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Hewlett-Packard Company) C:\hp\KBD\kbd.exe
(Farbar) C:\Users\Arthur\Desktop\FRST (2).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company)
HKLM\...\Run: [KBD] => C:\HP\KBD\KbdStub.EXE [65536 2006-12-08] ()
HKLM\...\Run: [OsdMaestro] => C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [118784 2007-02-15] (OsdMaestro)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12017368 2014-01-22] (Realtek Semiconductor)
HKLM\...\Run: [SunJavaUpdateReg] => C:\Windows\system32\jureg.exe [54936 2007-04-07] (Sun Microsystems, Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2008-06-02] (Intel Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [Launcher] => C:\Windows\SMINST\launcher.exe [44168 2007-04-03] (soft thinks)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2954682461-3353532526-1526713206-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-2954682461-3353532526-1526713206-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Arthur\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2954682461-3353532526-1526713206-1000\...\Run: [LightShot] => C:\Users\Arthur\AppData\Local\Skillbrains\lightshot\Lightshot.exe [226560 2014-07-01] ()
HKU\S-1-5-21-2954682461-3353532526-1526713206-1000\...\MountPoints2: J - J:\LaunchU3.exe -a
HKU\S-1-5-21-2954682461-3353532526-1526713206-1000\...\MountPoints2: {aa4d64e3-960b-11e0-8bbb-001d6072e52c} - F:\LaunchU3.exe -a
Startup: C:\Users\Arthur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5520 series.lnk
ShortcutTarget: Monitor Ink Alerts - HP Photosmart 5520 series.lnk -> C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
SearchScopes: HKLM - {B8D1CD51-7BF1-46C4-8AB3-FF188CFDC9E8} URL = http://search.yahoo....ing}&fr=hp-pvdt
SearchScopes: HKLM - {F19C2718-2571-4319-807E-80B00C0057DD} URL = http://www.ask.com/w...}&l=dis&o=ushpd
SearchScopes: HKCU - {71B9D90B-4333-473A-ACEA-544A21CBBDC2} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKCU - {B8D1CD51-7BF1-46C4-8AB3-FF188CFDC9E8} URL = http://search.yahoo....ing}&fr=hp-pvdt
SearchScopes: HKCU - {BA56C4A6-3FEB-4774-BB3C-7FF707BEB11E} URL = http://search.yahoo....p={searchTerms}
SearchScopes: HKCU - {F19C2718-2571-4319-807E-80B00C0057DD} URL = http://www.ask.com/w...}&l=dis&o=ushpd
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\21.5.0.19\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} http://ec2-174-129-1...eivers/FMSI.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Arthur\AppData\Roaming\Mozilla\Firefox\Profiles\oct94ggb.default
FF DefaultSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/RhapsodyPlayerEngine,version=1.0 -> C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Arthur\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Arthur\AppData\Roaming\Mozilla\Firefox\Profiles\oct94ggb.default\searchplugins\yahoo_ff.xml
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Arthur\AppData\Roaming\Mozilla\Firefox\Profiles\oct94ggb.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2013-01-04]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.5.0.19\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.5.0.19\coFFPlgn [2014-09-23]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-12-28]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-07-31]
FF HKLM\...\Firefox\Extensions: [{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}] - C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_2.2.0.28\coFFFw
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.5.0.19\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.5.0.19\IPSFF [2014-08-26]
FF Extension: No Name - C:\Users\Arthur\AppData\Roaming\Mozilla\Firefox\Profiles\oct94ggb.default\extensions\[email protected] [Not Found]
FF Extension: No Name - C:\Users\Arthur\AppData\Roaming\Mozilla\Firefox\Profiles\oct94ggb.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362} [Not Found]
FF Extension: No Name - C:\Users\Arthur\AppData\Roaming\Mozilla\Firefox\Profiles\oct94ggb.default\extensions\[email protected] [Not Found]
FF Extension: No Name - C:\Program Files\IObit Apps Toolbar\FF [Not Found]
 
Chrome: 
=======
CHR CustomProfile: C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-26]
CHR Extension: (Tampermonkey) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2013-12-17]
CHR Extension: (AdBlock) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-11-20]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2012-09-27]
CHR Extension: (Qmee) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbaanpgkpkoamihninlcegnjclcpibde [2014-03-20]
CHR Extension: (Google Wallet) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-10]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-07-31]
CHR Extension: (4chan Plus) - C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinelipedelckihohgdlpcclgocodhjj [2012-02-29]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\21.5.0.19\Exts\Chrome.crx [2014-08-26]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-05-23]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-16] (Hewlett-Packard) [File not signed]
S3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-03-11] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NIS; C:\Program Files\Norton Internet Security\Engine\21.5.0.19\NIS.exe [276376 2014-07-31] (Symantec Corporation)
S3 npggsvc; C:\Windows\system32\GameMon.des [3918216 2010-11-23] (INCA Internet Co., Ltd.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [250072 2014-01-22] (Realtek Semiconductor)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.5.0.19\Definitions\BASHDefs\20140912.003\BHDrvx86.sys [1137368 2014-09-12] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1505000.013\ccSetx86.sys [127064 2014-02-20] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [378672 2014-09-14] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [111408 2014-09-14] (Symantec Corporation)
R1 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\21.5.0.19\Definitions\IPSDefs\20140919.001\IDSvix86.sys [476888 2014-08-29] (Symantec Corporation)
R3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.5.0.19\Definitions\VirusDefs\20140920.001\NAVENG.SYS [95704 2014-08-11] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.5.0.19\Definitions\VirusDefs\20140920.001\NAVEX15.SYS [1636696 2014-08-11] (Symantec Corporation)
S3 NPPTNT2; C:\Windows\system32\npptNT2.sys [4682 2005-01-02] (INCA Internet Co., Ltd.) [File not signed]
R3 SRTSP; C:\Windows\System32\Drivers\NIS\1505000.013\SRTSP.SYS [664280 2014-07-23] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1505000.013\SRTSPX.SYS [32344 2014-07-23] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1505000.013\SYMDS.SYS [367704 2014-07-23] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1505000.013\SYMEFA.SYS [936152 2014-07-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2014-08-26] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1505000.013\Ironx86.SYS [206936 2014-07-23] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NIS\1505000.013\SYMTDIV.SYS [384728 2014-07-23] (Symantec Corporation)
S3 tap0801; C:\Windows\System32\DRIVERS\tap0801.sys [26624 2006-10-01] (The OpenVPN Project) [File not signed]
S3 TIEHDUSB; C:\Windows\System32\drivers\tiehdusb.sys [49536 2010-02-08] (Texas Instruments Incorporated) [File not signed]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 vtany; \??\C:\Windows\vtany.sys [X]
S3 XDva384; \??\C:\Windows\system32\XDva384.sys [X]
S3 XDva385; \??\C:\Windows\system32\XDva385.sys [X]
S3 XDva391; \??\C:\Windows\system32\XDva391.sys [X]
S3 XDva401; \??\C:\Windows\system32\XDva401.sys [X]
S3 XDva406; \??\C:\Windows\system32\XDva406.sys [X]
S3 XDva407; \??\C:\Windows\system32\XDva407.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-23 14:33 - 2014-09-23 14:33 - 01098240 _____ (Farbar) C:\Users\Arthur\Desktop\FRST (2).exe
2014-09-21 16:24 - 2014-09-21 16:24 - 04655297 _____ () C:\Users\Arthur\Downloads\TitleIXcurriculumforHaven.pptx
2014-09-14 15:19 - 2014-08-15 10:51 - 12363264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-14 15:19 - 2014-08-15 10:42 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-14 15:19 - 2014-08-15 10:42 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-14 15:19 - 2014-08-15 10:37 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-14 15:19 - 2014-08-15 10:37 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-14 15:19 - 2014-08-15 10:36 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-14 15:19 - 2014-08-15 10:35 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-14 15:19 - 2014-08-15 10:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-14 15:19 - 2014-08-15 10:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-14 15:19 - 2014-08-15 10:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-14 15:19 - 2014-08-15 10:35 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-14 15:19 - 2014-08-15 10:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-14 15:19 - 2014-08-15 10:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-14 15:19 - 2014-08-15 10:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-14 15:19 - 2014-08-15 10:35 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-14 15:19 - 2014-08-15 10:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-14 15:19 - 2014-08-15 10:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-14 15:19 - 2014-08-15 10:34 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-14 15:19 - 2014-08-15 10:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-14 15:19 - 2014-08-15 10:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-14 15:19 - 2014-08-15 10:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-14 12:13 - 2014-09-14 12:13 - 02353260 _____ () C:\Users\Arthur\Downloads\Jansons History of Art  The Western Tradition (8th Edition) Penelope J.E. Davies.zip
2014-09-01 20:49 - 2014-09-01 20:49 - 00001795 _____ () C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2014-09-01 20:48 - 2014-09-01 20:49 - 06674824 _____ () C:\Users\Arthur\Downloads\HPPSdr.exe
2014-09-01 18:27 - 2014-09-01 18:27 - 00000795 _____ () C:\Windows\setupact.log
2014-09-01 18:27 - 2014-09-01 18:27 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-01 17:23 - 2014-09-01 17:23 - 01096704 _____ (Farbar) C:\Users\Arthur\Downloads\FRST (1).exe
2014-09-01 17:18 - 2014-09-01 17:18 - 00001665 _____ () C:\Users\Arthur\Downloads\fixlist.txt
2014-09-01 14:08 - 2014-09-01 14:08 - 01096704 _____ (Farbar) C:\Users\Arthur\Downloads\frst.exe
2014-09-01 14:02 - 2014-09-01 14:05 - 00000000 ____D () C:\Users\Arthur\Downloads\Sociology- A Brief Introduction, 10E [PDF]~StormRG~
2014-09-01 14:02 - 2014-09-01 14:02 - 00014001 _____ () C:\Users\Arthur\Downloads\[kickass.to]sociology.a.brief.introduction.10e.pdf.stormrg (1).torrent
2014-09-01 13:59 - 2014-09-01 13:59 - 00014001 _____ () C:\Users\Arthur\Downloads\[kickass.to]sociology.a.brief.introduction.10e.pdf.stormrg.torrent
2014-09-01 13:57 - 2014-09-01 14:02 - 17049505 _____ () C:\Users\Arthur\Downloads\Conformity.and.Conflict.Readings.in.Cultural.Anthropology.14th.Edition.rar
2014-09-01 11:21 - 2014-09-01 11:24 - 00041717 _____ () C:\Users\Arthur\Desktop\Addition.txt
2014-09-01 11:15 - 2014-09-23 14:34 - 00021557 _____ () C:\Users\Arthur\Desktop\FRST.txt
2014-09-01 11:14 - 2014-09-23 14:34 - 00000000 ____D () C:\FRST
2014-09-01 11:08 - 2014-09-01 11:08 - 00003150 _____ () C:\Users\Arthur\Desktop\aswMBR.txt
2014-09-01 11:08 - 2014-09-01 11:08 - 00000512 _____ () C:\Users\Arthur\Desktop\MBR.dat
2014-08-31 22:48 - 2014-08-31 22:48 - 05185536 _____ (AVAST Software) C:\Users\Arthur\Downloads\aswMBR.exe
2014-08-31 22:48 - 2014-08-31 22:48 - 05185536 _____ (AVAST Software) C:\Users\Arthur\Desktop\aswMBR.exe
2014-08-31 22:40 - 2014-08-31 22:40 - 00000000 ____D () C:\_OTL
2014-08-31 22:29 - 2014-08-31 22:29 - 00000000 ____D () C:\Users\Arthur\Documents\Lightshot
2014-08-31 11:56 - 2014-08-31 11:56 - 00231760 _____ () C:\Users\Arthur\Downloads\CrucialScan.exe
2014-08-31 11:55 - 2014-08-31 11:55 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Skillbrains
2014-08-31 11:55 - 2014-08-31 11:55 - 00000000 ____D () C:\Program Files\Skillbrains
2014-08-31 11:52 - 2014-08-31 11:53 - 02273984 _____ (Skillbrains ) C:\Users\Arthur\Downloads\setup-lightshot (3).exe
2014-08-29 11:22 - 2014-09-14 11:06 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Akamai
2014-08-28 21:14 - 2014-08-28 21:14 - 00087120 _____ () C:\Users\Arthur\Downloads\OTL.Txt
2014-08-28 21:14 - 2014-08-28 21:14 - 00054866 _____ () C:\Users\Arthur\Downloads\Extras.Txt
2014-08-28 20:33 - 2014-08-28 20:33 - 00602112 _____ (OldTimer Tools) C:\Users\Arthur\Desktop\OTL.exe
2014-08-28 00:13 - 2014-08-22 21:03 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 00:13 - 2014-08-22 19:26 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-26 13:04 - 2014-08-26 13:04 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-23 14:37 - 2014-09-01 11:15 - 00021557 _____ () C:\Users\Arthur\Desktop\FRST.txt
2014-09-23 14:34 - 2014-09-01 11:14 - 00000000 ____D () C:\FRST
2014-09-23 14:33 - 2014-09-23 14:33 - 01098240 _____ (Farbar) C:\Users\Arthur\Desktop\FRST (2).exe
2014-09-23 14:31 - 2011-07-31 18:54 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-23 14:31 - 2007-09-15 18:14 - 00000000 ____D () C:\Windows\SMINST
2014-09-23 14:31 - 2006-11-02 08:47 - 00003696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-23 14:31 - 2006-11-02 08:47 - 00003696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-23 14:30 - 2006-11-02 09:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-21 18:10 - 2006-11-02 09:01 - 00032626 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-21 18:09 - 2010-12-28 01:30 - 01525833 _____ () C:\Windows\WindowsUpdate.log
2014-09-21 18:07 - 2011-07-31 18:54 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-21 16:24 - 2014-09-21 16:24 - 04655297 _____ () C:\Users\Arthur\Downloads\TitleIXcurriculumforHaven.pptx
2014-09-21 16:01 - 2013-04-17 16:27 - 00000378 _____ () C:\Windows\Tasks\update-sys.job
2014-09-21 15:58 - 2013-04-17 16:27 - 00000378 _____ () C:\Windows\Tasks\update-S-1-5-21-2954682461-3353532526-1526713206-1000.job
2014-09-21 15:58 - 2013-03-04 19:53 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2954682461-3353532526-1526713206-1000UA.job
2014-09-21 13:30 - 2011-05-02 16:37 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\HpUpdate
2014-09-19 18:58 - 2013-03-04 19:53 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2954682461-3353532526-1526713206-1000Core.job
2014-09-19 18:39 - 2014-06-27 12:41 - 00009444 _____ () C:\Windows\PFRO.log
2014-09-17 16:50 - 2006-11-02 06:33 - 00851378 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-17 15:23 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-17 15:15 - 2013-04-29 19:13 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot
2014-09-17 15:15 - 2013-04-17 16:27 - 00000438 _____ () C:\Users\Arthur\AppData\Local\UserProducts.xml
2014-09-14 12:57 - 2013-12-27 13:25 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\uTorrent
2014-09-14 12:13 - 2014-09-14 12:13 - 02353260 _____ () C:\Users\Arthur\Downloads\Jansons History of Art  The Western Tradition (8th Edition) Penelope J.E. Davies.zip
2014-09-14 12:07 - 2013-12-27 13:25 - 00000760 _____ () C:\Users\Arthur\Desktop\µTorrent.lnk
2014-09-14 12:07 - 2013-12-27 13:25 - 00000740 _____ () C:\Users\Arthur\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-09-14 11:51 - 2013-07-18 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-14 11:06 - 2014-08-29 11:22 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Akamai
2014-09-14 11:05 - 2007-09-15 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-09-14 10:54 - 2006-11-02 06:24 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-09-01 20:50 - 2007-09-15 17:46 - 00000000 ____D () C:\ProgramData\HP
2014-09-01 20:49 - 2014-09-01 20:49 - 00001795 _____ () C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2014-09-01 20:49 - 2014-09-01 20:48 - 06674824 _____ () C:\Users\Arthur\Downloads\HPPSdr.exe
2014-09-01 20:49 - 2007-09-15 17:47 - 00000000 ____D () C:\Program Files\HP
2014-09-01 19:54 - 2012-05-21 21:15 - 00000000 ____D () C:\Users\Arthur\AppData\Roaming\Skype
2014-09-01 18:27 - 2014-09-01 18:27 - 00000795 _____ () C:\Windows\setupact.log
2014-09-01 18:27 - 2014-09-01 18:27 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-01 18:21 - 2011-03-09 20:52 - 00011776 _____ () C:\Users\Arthur\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-01 17:23 - 2014-09-01 17:23 - 01096704 _____ (Farbar) C:\Users\Arthur\Downloads\FRST (1).exe
2014-09-01 17:18 - 2014-09-01 17:18 - 00001665 _____ () C:\Users\Arthur\Downloads\fixlist.txt
2014-09-01 14:10 - 2012-04-21 10:45 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-01 14:10 - 2012-04-21 10:45 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-09-01 14:08 - 2014-09-01 14:08 - 01096704 _____ (Farbar) C:\Users\Arthur\Downloads\frst.exe
2014-09-01 14:05 - 2014-09-01 14:02 - 00000000 ____D () C:\Users\Arthur\Downloads\Sociology- A Brief Introduction, 10E [PDF]~StormRG~
2014-09-01 14:02 - 2014-09-01 14:02 - 00014001 _____ () C:\Users\Arthur\Downloads\[kickass.to]sociology.a.brief.introduction.10e.pdf.stormrg (1).torrent
2014-09-01 14:02 - 2014-09-01 13:57 - 17049505 _____ () C:\Users\Arthur\Downloads\Conformity.and.Conflict.Readings.in.Cultural.Anthropology.14th.Edition.rar
2014-09-01 13:59 - 2014-09-01 13:59 - 00014001 _____ () C:\Users\Arthur\Downloads\[kickass.to]sociology.a.brief.introduction.10e.pdf.stormrg.torrent
2014-09-01 11:24 - 2014-09-01 11:21 - 00041717 _____ () C:\Users\Arthur\Desktop\Addition.txt
2014-09-01 11:08 - 2014-09-01 11:08 - 00003150 _____ () C:\Users\Arthur\Desktop\aswMBR.txt
2014-09-01 11:08 - 2014-09-01 11:08 - 00000512 _____ () C:\Users\Arthur\Desktop\MBR.dat
2014-08-31 22:48 - 2014-08-31 22:48 - 05185536 _____ (AVAST Software) C:\Users\Arthur\Downloads\aswMBR.exe
2014-08-31 22:48 - 2014-08-31 22:48 - 05185536 _____ (AVAST Software) C:\Users\Arthur\Desktop\aswMBR.exe
2014-08-31 22:40 - 2014-08-31 22:40 - 00000000 ____D () C:\_OTL
2014-08-31 22:29 - 2014-08-31 22:29 - 00000000 ____D () C:\Users\Arthur\Documents\Lightshot
2014-08-31 11:56 - 2014-08-31 11:56 - 00231760 _____ () C:\Users\Arthur\Downloads\CrucialScan.exe
2014-08-31 11:55 - 2014-08-31 11:55 - 00000000 ____D () C:\Users\Arthur\AppData\Local\Skillbrains
2014-08-31 11:55 - 2014-08-31 11:55 - 00000000 ____D () C:\Program Files\Skillbrains
2014-08-31 11:53 - 2014-08-31 11:52 - 02273984 _____ (Skillbrains ) C:\Users\Arthur\Downloads\setup-lightshot (3).exe
2014-08-31 11:46 - 2014-01-07 20:13 - 00000000 ____D () C:\ProgramData\ProductData
2014-08-28 21:14 - 2014-08-28 21:14 - 00087120 _____ () C:\Users\Arthur\Downloads\OTL.Txt
2014-08-28 21:14 - 2014-08-28 21:14 - 00054866 _____ () C:\Users\Arthur\Downloads\Extras.Txt
2014-08-28 20:33 - 2014-08-28 20:33 - 00602112 _____ (OldTimer Tools) C:\Users\Arthur\Desktop\OTL.exe
2014-08-28 20:26 - 2006-11-02 08:47 - 00441160 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:33 - 2007-09-15 18:05 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-08-26 13:10 - 2010-12-27 23:08 - 00000000 ____D () C:\ProgramData\Norton
2014-08-26 13:04 - 2014-08-26 13:04 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-08-26 13:04 - 2010-12-27 23:09 - 00002215 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-08-26 13:04 - 2010-12-27 23:09 - 00000000 ____D () C:\Windows\system32\Drivers\NIS
2014-08-26 12:54 - 2010-12-27 23:09 - 00142936 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
2014-08-26 12:54 - 2010-12-27 23:09 - 00008194 _____ () C:\Windows\system32\Drivers\SYMEVENT.CAT
2014-08-26 12:53 - 2010-12-27 23:08 - 00000000 ____D () C:\Program Files\Norton Internet Security
2014-08-26 12:46 - 2011-09-10 18:59 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-08-26 12:14 - 2013-11-12 21:06 - 00000000 ____D () C:\Users\Arthur\Desktop\Belts
2014-08-26 11:56 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\rescache
2014-08-26 11:36 - 2013-10-28 17:51 - 00000000 ____D () C:\Program Files\Youtube Movie Maker
2014-08-26 11:23 - 2013-04-02 15:23 - 00000000 ____D () C:\Program Files\Litecoin
2014-08-26 11:20 - 2010-12-27 22:38 - 00000000 ____D () C:\Users\Arthur
 
Some content of TEMP:
====================
C:\Users\Arthur\AppData\Local\Temp\SkypeSetup.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-23 14:37
 
==================== End Of Log ============================

  • 0

#18
kingkeef

kingkeef

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts

Forgot this:

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:31-08-2014 02

Ran by Arthur at 2014-09-01 11:21:39
Running from C:\Users\Arthur\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Internet Security (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.6.602.171 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.9.615 - Adobe Systems, Inc.)
Aeria Ignite (HKLM\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM\...\{122ADF8C-DDA1-480C-9936-C88F2825B265}) (Version: 2.1.9 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}) (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Audjoo Helix 1.0 (HKLM\...\Audjoo Helix_is1) (Version:  - )
Bing Rewards Client Installer (Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 90.0.146.000 - Hewlett-Packard) Hidden
c5200_Help (Version: 90.0.189.000 - Hewlett-Packard) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Cross Fire En (HKLM\...\Cross Fire_is1) (Version:  - Z8Games.com)
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DivX Setup (HKLM\...\DivX Setup.divx.com) (Version: 2.5.0.15 - DivX, LLC)
Edirol HQ Orchestral VSTi v1.03 (HKLM\...\Edirol HQ Orchestral VSTi v1.03) (Version:  - )
Enhanced Multimedia Keyboard Solution (HKLM\...\KBD) (Version:  - Hewlett-Packard)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fax (Version: 90.0.146.000 - Hewlett-Packard) Hidden
FL Studio  10.0.2 (HKLM\...\FL Studio ) (Version: 10.0.2 - )
FL Studio 10 (HKLM\...\FL Studio 10) (Version:  - Image-Line)
FL Studio 11 (HKLM\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM\...\FlowStone) (Version:  - )
Fraps (HKLM\...\Fraps) (Version:  - )
FREE Word and Excel password recovery Wizard version 2.1.15 (HKLM\...\{BEE8AFD4-907F-4BD5-B2E9-6606291415E8}_is1) (Version: 2.1.15 - FREE Password Recovery Software)
Futuremark SystemInfo (HKLM\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.102 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor 5 for Windows) (Version: 5.00.4558.05 - PC-Doctor, Inc.)
HP Active Support Library (Version: 3.1.6.1 - Hewlett-Packard) Hidden
HP Active Support Library 32 bit components (Version: 2.1.0 - Hewlett-Packard) Hidden
HP Advisor (HKLM\...\{73A43E42-3658-4DD9-8551-FACDA3632538}) (Version: 3.1.9152.3107 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}) (Version: 5.2.0.2296 - Hewlett-Packard)
HP Customer Feedback (Version: 1.0.0 - Hewlett-Packard) Hidden
HP Customer Participation Program 9.0 (HKLM\...\HPExtendedCapabilities) (Version: 9.0 - HP)
HP Easy Setup - Frontend (HKLM\...\{40F7AED3-0C7D-4582-99F6-484A515C73F2}) (Version: 5.2.0.2304 - Hewlett-Packard)
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP On-Screen Cap/Num/Scroll Lock Indicator (HKLM\...\OsdMaestro) (Version:  - Hewlett-Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 5520 series Basic Device Software (HKLM\...\{E8ED5ADB-3EB5-4890-85F6-0FEA13A47EEE}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5520 series Help (HKLM\...\{7137E26A-10F7-4B1C-9980-0893579E92DA}) (Version: 27.0.0 - Hewlett Packard)
HP Photosmart 5520 series Product Improvement Study (HKLM\...\{B58FBD4F-C69A-41C1-94AC-1A47AD946C91}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Picasso Media Center Add-In (Version: 1.0.0 - HP) Hidden
HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.9.0 - Hewlett-Packard Company)
HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
IL Download Manager (HKLM\...\IL Download Manager) (Version:  - Image-Line)
IL Shared Libraries (HKLM\...\IL Shared Libraries) (Version:  - Image-Line)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
iTunes (HKLM\...\{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}) (Version: 10.6.3.25 - Apple Inc.)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden
Java™ 6 Update 33 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.330 - Oracle)
Java™ SE Runtime Environment 6 Update 1 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160010}) (Version: 1.6.0.10 - Sun Microsystems, Inc.)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Lennar Digital Sylenth VSTi v1.2.1 (HKLM\...\Lennar Digital Sylenth VSTi v1.2.1) (Version:  - )
LightScribe  1.8.15.1 (Version: 1.8.15.1 - http://www.lightscribe.com) Hidden
Lightshot-5.1.4.6 (HKLM\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.1.4.6 - Skillbrains)
Luxonix Purity VSTi v1.1.2 (HKLM\...\Luxonix Purity VSTi_is1) (Version:  - )
ManyCam 2.6.60 (remove only) (HKLM\...\ManyCam) (Version: 2.6.60 - ManyCam LLC)
MarketResearch (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - ENU (HKLM\...\Microsoft Visual Basic 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - ENU (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.50706 - Microsoft Corporation) Hidden
Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
Mozilla Firefox 13.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 13.0.1 (x86 en-US)) (Version: 13.0.1 - Mozilla)
Mozilla Firefox 4.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 4.0.1 (x86 en-US)) (Version: 4.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 13.0.1 - Mozilla)
MSRedist (Version: 9.0.30729.4148 - Symantec Corporation) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MultiBit 0.5.14 (HKLM\...\MultiBit 0.5.14) (Version: 0.5.14 - )
MultiBit 0.5.17 (HKLM\...\MultiBit 0.5.17) (Version: 0.5.17 - )
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: HPCMPQ1804 - WildTangent)
Native Instruments Massive (HKLM\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Massive (Version: 1.2.1.1989 - Native Instruments) Hidden
Norton Internet Security (HKLM\...\NIS) (Version: 21.5.0.19 - Symantec Corporation)
ODT Viewer version 1.0 (HKLM\...\{CAA1B43B-7CDA-4D58-B9A3-1050C358CB2D}_is1) (Version: 1.0 - odtviewer.com)
ooVoo (HKLM\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.0.7023 - ooVoo LLC.)
Python 2.5 (HKLM\...\{0A2C5854-557E-48C8-835A-3B9F074BDCAA}) (Version: 2.5.150 - Martin v. Löwis)
QuickTime (HKLM\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
REACTOR (HKLM\...\{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}) (Version: 1.00.0000 - ijji)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7106 - Realtek Semiconductor Corp.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM\...\reFX Nexus_is1) (Version:  - )
reFX Vanguard VSTi RTAS v1.8.0 (HKLM\...\reFX Vanguard_is1) (Version:  - )
Remote Utilities - Viewer (HKLM\...\{E0891DC0-EC05-45F9-9959-64207AB75E6D}) (Version: 5.255.3000 - Usoris Systems LLC)
Rhapsody (HKLM\...\Rhapsody) (Version:  - )
Rhapsody Player Engine (HKLM\...\{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}) (Version: 1.0.604 - RealNetworks)
Roxio Activation Module (Version: 1.0 - Roxio) Hidden
Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.4.0 - Roxio)
Roxio Creator Basic v9 (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.4.0 - Roxio)
Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.4.0 - Roxio)
Roxio Creator Data (HKLM\...\{0D397393-9B50-4c52-84D5-77E344289F87}) (Version: 3.4.0 - Roxio)
Roxio Creator EasyArchive (HKLM\...\{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}) (Version: 3.4.0 - Roxio)
Roxio Creator Tools (HKLM\...\{0394CDC8-FABD-4ed8-B104-03393876DFDF}) (Version: 3.4.0 - Roxio)
Roxio Express Labeler 3 (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 3.2.1 - Roxio)
Roxio MyDVD Basic v9 (HKLM\...\{938B1CD7-7C60-491E-AA90-1F1888168240}) (Version: 9.0.572 - Roxio)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.0.12114_1 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.5.0.12114_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Service Pack 1 for SQL Server 2008 (KB968369) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Snapfish Picture Mover (HKLM\...\{029B5901-1F27-4347-9923-E8ACC8F54E15}) (Version: 1.9.0.16 - HP Snapfish)
Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1) (Version: 7.74.00 - Conexant Systems)
Soldier Front (HKLM\...\Soldier Front) (Version:  - )
Spotify (HKCU\...\Spotify) (Version: 0.8.8.348.ge445f5b9 - Spotify AB)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab for Intel (HKLM\...\{63B7AC7E-0178-4F4F-A79B-08D97ADD02D7}) (Version: 4.5.11.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.24951 - TeamViewer)
Test Drive 5 (HKLM\...\Test Drive 5) (Version:  - Accolade)
TI Connect 1.6 (HKLM\...\{A8B94669-8654-4126-BD28-D0D2412CDED6}) (Version: 1.6 - Texas Instruments Inc)
Tone2 Gladiator VSTi v2.2 (HKLM\...\Tone2 Gladiator VSTi_is1) (Version:  - )
UnloadSupport (Version: 9.0.0 - Hewlett-Packard) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update Installer for WildTangent Games App (Version:  - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0 - DivX, Inc) Hidden
Ventrilo Client (HKLM\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.8 - Flagship Industries, Inc.)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
WeatherBug Gadget (Version: 1.0.0.6 - AWS Convergence Technologies) Hidden
WildTangent Games App (HP Games) (HKLM\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.5.31 - WildTangent)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
Xfire (remove only) (HKLM\...\Xfire) (Version:  - )
Xiph.Org Open Codecs 0.85.17777 (HKLM\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2954682461-3353532526-1526713206-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Arthur\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2954682461-3353532526-1526713206-1000_Classes\CLSID\{49BBAA3C-C574-419E-8378-783C362E9C15}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO2.dll (Hewlett-Packard Co.)
CustomCLSID: HKU\S-1-5-21-2954682461-3353532526-1526713206-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Arthur\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2954682461-3353532526-1526713206-1000_Classes\CLSID\{76D50904-6780-4c8b-8986-1A7EE0B1716D}\InprocServer32 -> C:\Users\Arthur\AppData\Local\Roblox\Versions\version-38d9c3e04e394773\RobloxProxy.dll (ROBLOX Corporation)
CustomCLSID: HKU\S-1-5-21-2954682461-3353532526-1526713206-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Arthur\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-2954682461-3353532526-1526713206-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Arthur\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
==================== Restore Points  =========================
 
29-08-2014 03:32:37 Scheduled Checkpoint
29-08-2014 18:41:16 Scheduled Checkpoint
31-08-2014 15:58:35 Removed IObit Apps Toolbar v9.6.
01-09-2014 02:40:19 OTL Restore Point - 8/31/2014 10:40:18 PM
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-04-16 17:04 - 2014-04-09 17:34 - 00000809 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 roblox.com
127.0.0.1 www.roblox.com
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {14D49B84-E6BD-4CE1-B98B-4FB35347F9E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-31] (Google Inc.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3E09A082-3DD6-4681-B104-E7324F09E03E} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16] (Hewlett-Packard)
Task: {3E382ABE-25C2-459F-96D1-C59E182344B9} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2954682461-3353532526-1526713206-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {46FE14F9-88E8-471C-BD52-4DD76797C525} - System32\Tasks\Driver Booster SkipUAC (Arthur) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe
Task: {4ECAAD62-459B-4435-A945-3AC5AC791706} - System32\Tasks\RecoveryCD => C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe [2007-05-17] ()
Task: {523BAE2E-445E-470F-B012-25E032F374D3} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\21.5.0.19\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {64C613FE-5AA5-406A-A2F0-A7C90F891AE8} - System32\Tasks\update-S-1-5-21-2954682461-3353532526-1526713206-1000 => C:\Program Files\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {78F1294C-1DCA-497A-AD5E-630FD422D14A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2954682461-3353532526-1526713206-1000UA => C:\Users\Arthur\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-04] (Facebook Inc.)
Task: {8EA3544E-9572-4313-B3A1-D97DBD93F244} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\21.5.0.19\WSCStub.exe [2014-07-31] (Symantec Corporation)
Task: {94737657-89AF-4F43-9BED-05752A329451} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\21.5.0.19\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {99918669-3E47-468D-8AC7-DCEC3F5CC10C} - System32\Tasks\JavaUpdateAdministrator => C:\Windows\system32\jusched.exe [2007-04-07] (Sun Microsystems, Inc.)
Task: {A1622948-A795-4EDF-ADAD-EBC631018B78} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {AACED546-1343-4F2B-A5A0-3A5C5282E6A1} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {AB37DB43-0782-4F1A-8489-BC12C83FB99D} - System32\Tasks\update-sys => C:\Program Files\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {AB587583-7BA9-44F6-A215-0960B8A69C98} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2954682461-3353532526-1526713206-1000Core => C:\Users\Arthur\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-04] (Facebook Inc.)
Task: {BDCAFF8D-0FA4-4CB5-8A03-471471B7CB7D} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {C6681F91-7FE4-42D7-BA18-E5A36651411C} - System32\Tasks\Go for FilesUpdate => C:\Program Files\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {D0A0AA8E-9160-40B9-A926-D35824AC2978} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D8BB4AFB-3E82-4CD5-A20C-E2947E79E7FE} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2954682461-3353532526-1526713206-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {E34B349C-738F-4A87-BF64-401C80B3A8EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-31] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2010-12-28] ()
Task: {FE7AE3B7-DF0A-445F-8ABD-5D44048C5584} - System32\Tasks\JavaUpdateArthur => C:\Windows\system32\jusched.exe [2007-04-07] (Sun Microsystems, Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2954682461-3353532526-1526713206-1000Core.job => C:\Users\Arthur\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2954682461-3353532526-1526713206-1000UA.job => C:\Users\Arthur\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2954682461-3353532526-1526713206-1000.job => C:\Program Files\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files\Skillbrains\Updater\Updater.exe
 
==================== Loaded Modules (whitelisted) =============
 
2011-01-15 20:55 - 2010-03-15 12:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-29 17:14 - 2014-08-28 00:54 - 08577864 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.102\pdf.dll
2014-08-29 17:14 - 2014-08-28 00:54 - 00331592 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.102\ppGoogleNaClPluginChrome.dll
2014-08-29 17:14 - 2014-08-28 00:53 - 01660232 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.102\ffmpegsumo.dll
2014-04-11 14:58 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-11 14:58 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Arthur\Desktop\Calm-Down.MP3:TOC.WMV
AlternateDataStreams: C:\Users\Arthur\Desktop\Gucci Mane & Cheif Keef - Top of Trash  (RGF.iS).mp3:TOC.WMV
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk => C:\Windows\pss\Rainmeter.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snapfish Media Detector.lnk => C:\Windows\pss\Snapfish Media Detector.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Facebook Update => "C:\Users\Arthur\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: HP Health Check Scheduler => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LightShot => C:\Users\Arthur\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Arthur\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\steam.exe" -silent
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/31/2014 10:46:15 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (08/31/2014 10:46:15 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (08/31/2014 10:18:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (08/31/2014 10:18:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (08/31/2014 00:00:32 PM) (Source: MsiInstaller) (EventID: 11316) (User: Arthur-PC)
Description: Product: IObit Apps Toolbar v9.6 -- Error 1316.The specified account already exists.
 
Error: (08/31/2014 11:56:58 AM) (Source: Perflib) (EventID: 1017) (User: )
Description: PolicyAgent
 
Error: (08/31/2014 11:56:58 AM) (Source: Perflib) (EventID: 1005) (User: )
Description: OpenIPSecPerformanceDataC:\Windows\System32\ipsecsvc.dllPolicyAgent4
 
Error: (08/31/2014 11:56:58 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4
 
Error: (08/31/2014 11:56:53 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
 
Error: (08/26/2014 01:10:45 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: Microsoft.SqlServer.Management.SmoMetadataProvider, Version=10.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91 . Error code = 0x80070002
 
 
System errors:
=============
Error: (09/01/2014 09:44:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
 
Error: (09/01/2014 09:43:26 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {28778B62-8481-400D-8E8A-A4C81ED3F65C}
 
Error: (08/31/2014 11:55:15 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}
 
Error: (08/31/2014 10:46:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
 
Error: (08/31/2014 10:46:15 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {28778B62-8481-400D-8E8A-A4C81ED3F65C}
 
Error: (08/31/2014 10:40:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Realtek Audio Service1
 
Error: (08/31/2014 10:19:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: LiveUpdate1
 
Error: (08/31/2014 10:19:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
 
Error: (08/31/2014 10:18:42 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {28778B62-8481-400D-8E8A-A4C81ED3F65C}
 
Error: (08/31/2014 11:52:00 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: RzKLService1
 
 
Microsoft Office Sessions:
=========================
Error: (08/31/2014 10:46:15 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\VstPlugins\Sugar Bytes\Turnado\Turnado x64.exe
 
Error: (08/31/2014 10:46:15 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\VstPlugins\Sugar Bytes\Turnado\Turnado x64.exe
 
Error: (08/31/2014 10:18:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\VstPlugins\Sugar Bytes\Turnado\Turnado x64.exe
 
Error: (08/31/2014 10:18:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\VstPlugins\Sugar Bytes\Turnado\Turnado x64.exe
 
Error: (08/31/2014 00:00:32 PM) (Source: MsiInstaller) (EventID: 11316) (User: Arthur-PC)
Description: Product: IObit Apps Toolbar v9.6 -- Error 1316.The specified account already exists.
(NULL)(NULL)(NULL)(NULL)
 
Error: (08/31/2014 11:56:58 AM) (Source: Perflib) (EventID: 1017) (User: )
Description: PolicyAgent
 
Error: (08/31/2014 11:56:58 AM) (Source: Perflib) (EventID: 1005) (User: )
Description: OpenIPSecPerformanceDataC:\Windows\System32\ipsecsvc.dllPolicyAgent4
 
Error: (08/31/2014 11:56:58 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4
 
Error: (08/31/2014 11:56:53 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
 
Error: (08/26/2014 01:10:45 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: Microsoft.SqlServer.Management.SmoMetadataProvider, Version=10.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91 . Error code = 0x80070002 
Microsoft.SqlServer.Management.SmoMetadataProvider, Version=10.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-09-01 11:21:11.031
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-01 11:21:10.239
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-01 11:21:09.387
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-01 11:21:08.589
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-01 11:20:13.341
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-01 11:20:12.495
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-01 11:20:11.675
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-01 11:20:10.885
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-01 11:18:32.529
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Norton Internet Security\NortonData\21.5.0.19\Definitions\BASHDefs\20140821.007\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-01 11:18:31.756
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Norton Internet Security\NortonData\21.5.0.19\Definitions\BASHDefs\20140821.007\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Pentium® Dual CPU E2140 @ 1.60GHz
Percentage of memory in use: 66%
Total physical RAM: 2037.77 MB
Available physical RAM: 678.65 MB
Total Pagefile: 4316.82 MB
Available Pagefile: 2688 MB
Total Virtual: 2047.88 MB
Available Virtual: 1897.11 MB
 
==================== Drives ================================
 
Drive c: (HP) (Fixed) (Total:289.28 GB) (Free:154.63 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:8.81 GB) (Free:1.19 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=289.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=8.8 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

  • 0

#19
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

That Addition.txt file is old. My fault. My instructions didn't include how to reproduce that file. Please do the following to get a fresh Addition.txt file.

 

Step#1 - Let's get that Addition.txt File
 
1. Right click on FRST and select Run as administrator.
2. Ensure that the Addition.txt check box is checked in the Optional Scan area at the bottom of the screen.
3. Press the Scan button.
4. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop). We will not need this log this time.
5. Another log will be created (Addition.txt - also located in the same directory as FRST.exe).
6. Please paste the contents of the Addition.txt log in your next reply.


  • 0

#20
kingkeef

kingkeef

    Member

  • Topic Starter
  • Member
  • PipPip
  • 29 posts
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-09-2014
Ran by Arthur at 2014-09-23 17:31:30
Running from C:\Users\Arthur\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Internet Security (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.6.602.171 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.9.615 - Adobe Systems, Inc.)
Aeria Ignite (HKLM\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM\...\{122ADF8C-DDA1-480C-9936-C88F2825B265}) (Version: 2.1.9 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}) (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Audjoo Helix 1.0 (HKLM\...\Audjoo Helix_is1) (Version:  - )
Bing Rewards Client Installer (Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 90.0.146.000 - Hewlett-Packard) Hidden
c5200_Help (Version: 90.0.189.000 - Hewlett-Packard) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Cross Fire En (HKLM\...\Cross Fire_is1) (Version:  - Z8Games.com)
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DivX Setup (HKLM\...\DivX Setup.divx.com) (Version: 2.5.0.15 - DivX, LLC)
Edirol HQ Orchestral VSTi v1.03 (HKLM\...\Edirol HQ Orchestral VSTi v1.03) (Version:  - )
Enhanced Multimedia Keyboard Solution (HKLM\...\KBD) (Version:  - Hewlett-Packard)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fax (Version: 90.0.146.000 - Hewlett-Packard) Hidden
FL Studio  10.0.2 (HKLM\...\FL Studio ) (Version: 10.0.2 - )
FL Studio 10 (HKLM\...\FL Studio 10) (Version:  - Image-Line)
FL Studio 11 (HKLM\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM\...\FlowStone) (Version:  - )
Fraps (HKLM\...\Fraps) (Version:  - )
FREE Word and Excel password recovery Wizard version 2.1.15 (HKLM\...\{BEE8AFD4-907F-4BD5-B2E9-6606291415E8}_is1) (Version: 2.1.15 - FREE Password Recovery Software)
Futuremark SystemInfo (HKLM\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor 5 for Windows) (Version: 5.00.4558.05 - PC-Doctor, Inc.)
HP Active Support Library (Version: 3.1.6.1 - Hewlett-Packard) Hidden
HP Active Support Library 32 bit components (Version: 2.1.0 - Hewlett-Packard) Hidden
HP Advisor (HKLM\...\{73A43E42-3658-4DD9-8551-FACDA3632538}) (Version: 3.1.9152.3107 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}) (Version: 5.2.0.2296 - Hewlett-Packard)
HP Customer Feedback (Version: 1.0.0 - Hewlett-Packard) Hidden
HP Customer Participation Program 9.0 (HKLM\...\HPExtendedCapabilities) (Version: 9.0 - HP)
HP Easy Setup - Frontend (HKLM\...\{40F7AED3-0C7D-4582-99F6-484A515C73F2}) (Version: 5.2.0.2304 - Hewlett-Packard)
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP On-Screen Cap/Num/Scroll Lock Indicator (HKLM\...\OsdMaestro) (Version:  - Hewlett-Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 5520 series Basic Device Software (HKLM\...\{E8ED5ADB-3EB5-4890-85F6-0FEA13A47EEE}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5520 series Help (HKLM\...\{7137E26A-10F7-4B1C-9980-0893579E92DA}) (Version: 27.0.0 - Hewlett Packard)
HP Photosmart 5520 series Product Improvement Study (HKLM\...\{B58FBD4F-C69A-41C1-94AC-1A47AD946C91}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Picasso Media Center Add-In (Version: 1.0.0 - HP) Hidden
HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.9.0 - Hewlett-Packard Company)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
IL Download Manager (HKLM\...\IL Download Manager) (Version:  - Image-Line)
IL Shared Libraries (HKLM\...\IL Shared Libraries) (Version:  - Image-Line)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
iTunes (HKLM\...\{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}) (Version: 10.6.3.25 - Apple Inc.)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden
Java™ 6 Update 33 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.330 - Oracle)
Java™ SE Runtime Environment 6 Update 1 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160010}) (Version: 1.6.0.10 - Sun Microsystems, Inc.)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Lennar Digital Sylenth VSTi v1.2.1 (HKLM\...\Lennar Digital Sylenth VSTi v1.2.1) (Version:  - )
LightScribe  1.8.15.1 (Version: 1.8.15.1 - http://www.lightscribe.com) Hidden
Lightshot-5.1.4.9 (HKLM\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.1.4.9 - Skillbrains)
Luxonix Purity VSTi v1.1.2 (HKLM\...\Luxonix Purity VSTi_is1) (Version:  - )
ManyCam 2.6.60 (remove only) (HKLM\...\ManyCam) (Version: 2.6.60 - ManyCam LLC)
MarketResearch (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - ENU (HKLM\...\Microsoft Visual Basic 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - ENU (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.50706 - Microsoft Corporation) Hidden
Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
Mozilla Firefox 13.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 13.0.1 (x86 en-US)) (Version: 13.0.1 - Mozilla)
Mozilla Firefox 4.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 4.0.1 (x86 en-US)) (Version: 4.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 13.0.1 - Mozilla)
MSRedist (Version: 9.0.30729.4148 - Symantec Corporation) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MultiBit 0.5.14 (HKLM\...\MultiBit 0.5.14) (Version: 0.5.14 - )
MultiBit 0.5.17 (HKLM\...\MultiBit 0.5.17) (Version: 0.5.17 - )
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: HPCMPQ1804 - WildTangent)
Native Instruments Massive (HKLM\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Massive (Version: 1.2.1.1989 - Native Instruments) Hidden
Norton Internet Security (HKLM\...\NIS) (Version: 21.5.0.19 - Symantec Corporation)
ODT Viewer version 1.0 (HKLM\...\{CAA1B43B-7CDA-4D58-B9A3-1050C358CB2D}_is1) (Version: 1.0 - odtviewer.com)
ooVoo (HKLM\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.0.7023 - ooVoo LLC.)
Python 2.5 (HKLM\...\{0A2C5854-557E-48C8-835A-3B9F074BDCAA}) (Version: 2.5.150 - Martin v. Löwis)
QuickTime (HKLM\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
REACTOR (HKLM\...\{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}) (Version: 1.00.0000 - ijji)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7106 - Realtek Semiconductor Corp.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM\...\reFX Nexus_is1) (Version:  - )
reFX Vanguard VSTi RTAS v1.8.0 (HKLM\...\reFX Vanguard_is1) (Version:  - )
Remote Utilities - Viewer (HKLM\...\{E0891DC0-EC05-45F9-9959-64207AB75E6D}) (Version: 5.255.3000 - Usoris Systems LLC)
Rhapsody (HKLM\...\Rhapsody) (Version:  - )
Rhapsody Player Engine (HKLM\...\{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}) (Version: 1.0.604 - RealNetworks)
Roxio Activation Module (Version: 1.0 - Roxio) Hidden
Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.4.0 - Roxio)
Roxio Creator Basic v9 (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.4.0 - Roxio)
Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.4.0 - Roxio)
Roxio Creator Data (HKLM\...\{0D397393-9B50-4c52-84D5-77E344289F87}) (Version: 3.4.0 - Roxio)
Roxio Creator EasyArchive (HKLM\...\{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}) (Version: 3.4.0 - Roxio)
Roxio Creator Tools (HKLM\...\{0394CDC8-FABD-4ed8-B104-03393876DFDF}) (Version: 3.4.0 - Roxio)
Roxio Express Labeler 3 (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 3.2.1 - Roxio)
Roxio MyDVD Basic v9 (HKLM\...\{938B1CD7-7C60-491E-AA90-1F1888168240}) (Version: 9.0.572 - Roxio)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.0.12114_1 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.5.0.12114_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Service Pack 1 for SQL Server 2008 (KB968369) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Snapfish Picture Mover (HKLM\...\{029B5901-1F27-4347-9923-E8ACC8F54E15}) (Version: 1.9.0.16 - HP Snapfish)
Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1) (Version: 7.74.00 - Conexant Systems)
Soldier Front (HKLM\...\Soldier Front) (Version:  - )
Spotify (HKCU\...\Spotify) (Version: 0.8.8.348.ge445f5b9 - Spotify AB)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab for Intel (HKLM\...\{63B7AC7E-0178-4F4F-A79B-08D97ADD02D7}) (Version: 4.5.11.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.24951 - TeamViewer)
Test Drive 5 (HKLM\...\Test Drive 5) (Version:  - Accolade)
TI Connect 1.6 (HKLM\...\{A8B94669-8654-4126-BD28-D0D2412CDED6}) (Version: 1.6 - Texas Instruments Inc)
Tone2 Gladiator VSTi v2.2 (HKLM\...\Tone2 Gladiator VSTi_is1) (Version:  - )
UnloadSupport (Version: 9.0.0 - Hewlett-Packard) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update Installer for WildTangent Games App (Version:  - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0 - DivX, Inc) Hidden
Ventrilo Client (HKLM\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.8 - Flagship Industries, Inc.)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
WeatherBug Gadget (Version: 1.0.0.6 - AWS Convergence Technologies) Hidden
WildTangent Games App (HP Games) (HKLM\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.5.31 - WildTangent)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
Xfire (remove only) (HKLM\...\Xfire) (Version:  - )
Xiph.Org Open Codecs 0.85.17777 (HKLM\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2954682461-3353532526-1526713206-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Arthur\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2954682461-3353532526-1526713206-1000_Classes\CLSID\{49BBAA3C-C574-419E-8378-783C362E9C15}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO2.dll (Hewlett-Packard Co.)
CustomCLSID: HKU\S-1-5-21-2954682461-3353532526-1526713206-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Arthur\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-2954682461-3353532526-1526713206-1000_Classes\CLSID\{76D50904-6780-4c8b-8986-1A7EE0B1716D}\InprocServer32 -> C:\Users\Arthur\AppData\Local\Roblox\Versions\version-38d9c3e04e394773\RobloxProxy.dll (ROBLOX Corporation)
CustomCLSID: HKU\S-1-5-21-2954682461-3353532526-1526713206-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Arthur\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-2954682461-3353532526-1526713206-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Arthur\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
==================== Restore Points  =========================
 
29-08-2014 03:32:37 Scheduled Checkpoint
29-08-2014 18:41:16 Scheduled Checkpoint
31-08-2014 15:58:35 Removed IObit Apps Toolbar v9.6.
01-09-2014 02:40:19 OTL Restore Point - 8/31/2014 10:40:18 PM
01-09-2014 22:57:29 Scheduled Checkpoint
05-09-2014 16:37:06 Scheduled Checkpoint
07-09-2014 13:42:44 Scheduled Checkpoint
14-09-2014 14:39:12 Windows Update
14-09-2014 19:16:53 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-04-16 17:04 - 2014-04-09 17:34 - 00000809 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 roblox.com
127.0.0.1 www.roblox.com
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {14D49B84-E6BD-4CE1-B98B-4FB35347F9E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-31] (Google Inc.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3E09A082-3DD6-4681-B104-E7324F09E03E} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16] (Hewlett-Packard)
Task: {3E382ABE-25C2-459F-96D1-C59E182344B9} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2954682461-3353532526-1526713206-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {4ECAAD62-459B-4435-A945-3AC5AC791706} - System32\Tasks\RecoveryCD => C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe [2007-05-17] ()
Task: {523BAE2E-445E-470F-B012-25E032F374D3} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\21.5.0.19\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {64C613FE-5AA5-406A-A2F0-A7C90F891AE8} - System32\Tasks\update-S-1-5-21-2954682461-3353532526-1526713206-1000 => C:\Program Files\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {78F1294C-1DCA-497A-AD5E-630FD422D14A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2954682461-3353532526-1526713206-1000UA => C:\Users\Arthur\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-04] (Facebook Inc.)
Task: {8EA3544E-9572-4313-B3A1-D97DBD93F244} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\21.5.0.19\WSCStub.exe [2014-07-31] (Symantec Corporation)
Task: {94737657-89AF-4F43-9BED-05752A329451} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\21.5.0.19\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {99918669-3E47-468D-8AC7-DCEC3F5CC10C} - System32\Tasks\JavaUpdateAdministrator => C:\Windows\system32\jusched.exe [2007-04-07] (Sun Microsystems, Inc.)
Task: {A1622948-A795-4EDF-ADAD-EBC631018B78} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {AACED546-1343-4F2B-A5A0-3A5C5282E6A1} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {AB37DB43-0782-4F1A-8489-BC12C83FB99D} - System32\Tasks\update-sys => C:\Program Files\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {AB587583-7BA9-44F6-A215-0960B8A69C98} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2954682461-3353532526-1526713206-1000Core => C:\Users\Arthur\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-04] (Facebook Inc.)
Task: {BDCAFF8D-0FA4-4CB5-8A03-471471B7CB7D} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {D0A0AA8E-9160-40B9-A926-D35824AC2978} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D8BB4AFB-3E82-4CD5-A20C-E2947E79E7FE} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2954682461-3353532526-1526713206-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {E34B349C-738F-4A87-BF64-401C80B3A8EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-31] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2010-12-28] ()
Task: {FE7AE3B7-DF0A-445F-8ABD-5D44048C5584} - System32\Tasks\JavaUpdateArthur => C:\Windows\system32\jusched.exe [2007-04-07] (Sun Microsystems, Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2954682461-3353532526-1526713206-1000Core.job => C:\Users\Arthur\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2954682461-3353532526-1526713206-1000UA.job => C:\Users\Arthur\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2954682461-3353532526-1526713206-1000.job => C:\Program Files\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files\Skillbrains\Updater\Updater.exe
 
==================== Loaded Modules (whitelisted) =============
 
2011-01-15 20:55 - 2010-03-15 12:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-17 15:28 - 2014-09-03 23:01 - 08577864 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-17 15:28 - 2014-09-03 23:01 - 00331592 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-17 15:28 - 2014-09-03 23:01 - 01660232 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk => C:\Windows\pss\Rainmeter.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snapfish Media Detector.lnk => C:\Windows\pss\Snapfish Media Detector.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Facebook Update => "C:\Users\Arthur\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: HP Health Check Scheduler => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LightShot => C:\Users\Arthur\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Arthur\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\steam.exe" -silent
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/17/2014 03:20:05 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: Microsoft.SqlServer.Management.SmoMetadataProvider, Version=10.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91 . Error code = 0x80070002
 
Error: (09/17/2014 03:20:04 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: Microsoft.SqlServer.Management.SmoMetadataProvider, Version=10.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91 . Error code = 0x80070002
 
Error: (09/16/2014 04:45:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (09/14/2014 11:37:00 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: Microsoft.SqlServer.Management.SmoMetadataProvider, Version=10.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91 . Error code = 0x80070002
 
Error: (09/14/2014 11:36:59 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: Microsoft.SqlServer.Management.SmoMetadataProvider, Version=10.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91 . Error code = 0x80070002
 
Error: (09/01/2014 08:35:12 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (09/01/2014 08:35:12 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (09/01/2014 05:27:40 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (08/31/2014 10:46:15 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (08/31/2014 10:46:15 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (09/23/2014 02:32:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
 
Error: (09/23/2014 02:31:46 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {28778B62-8481-400D-8E8A-A4C81ED3F65C}
 
Error: (09/21/2014 06:09:34 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}
 
Error: (09/21/2014 01:29:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
 
Error: (09/21/2014 01:28:51 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {28778B62-8481-400D-8E8A-A4C81ED3F65C}
 
Error: (09/19/2014 06:40:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
 
Error: (09/19/2014 06:40:06 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {28778B62-8481-400D-8E8A-A4C81ED3F65C}
 
Error: (09/17/2014 05:30:29 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}
 
Error: (09/17/2014 02:48:54 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {28778B62-8481-400D-8E8A-A4C81ED3F65C}
 
Error: (09/17/2014 02:48:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
 
 
Microsoft Office Sessions:
=========================
Error: (09/17/2014 03:20:05 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: Microsoft.SqlServer.Management.SmoMetadataProvider, Version=10.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91 . Error code = 0x80070002 
Microsoft.SqlServer.Management.SmoMetadataProvider, Version=10.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91
 
Error: (09/17/2014 03:20:04 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: Microsoft.SqlServer.Management.SmoMetadataProvider, Version=10.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91 . Error code = 0x80070002 
Microsoft.SqlServer.Management.SmoMetadataProvider, Version=10.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91
 
Error: (09/16/2014 04:45:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\VstPlugins\Sugar Bytes\Turnado\Turnado x64.exe
 
Error: (09/14/2014 11:37:00 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: Microsoft.SqlServer.Management.SmoMetadataProvider, Version=10.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91 . Error code = 0x80070002 
Microsoft.SqlServer.Management.SmoMetadataProvider, Version=10.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91
 
Error: (09/14/2014 11:36:59 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: Microsoft.SqlServer.Management.SmoMetadataProvider, Version=10.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91 . Error code = 0x80070002 
Microsoft.SqlServer.Management.SmoMetadataProvider, Version=10.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91
 
Error: (09/01/2014 08:35:12 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\VstPlugins\Sugar Bytes\Turnado\Turnado x64.exe
 
Error: (09/01/2014 08:35:12 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\VstPlugins\Sugar Bytes\Turnado\Turnado x64.exe
 
Error: (09/01/2014 05:27:40 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\VstPlugins\Sugar Bytes\Turnado\Turnado x64.exe
 
Error: (08/31/2014 10:46:15 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\VstPlugins\Sugar Bytes\Turnado\Turnado x64.exe
 
Error: (08/31/2014 10:46:15 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\VstPlugins\Sugar Bytes\Turnado\Turnado x64.exe
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-09-23 17:31:16.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-23 17:31:15.627
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-23 17:31:15.020
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-23 17:31:14.418
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-23 17:30:49.110
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-23 17:30:48.352
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-23 17:30:47.638
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-23 17:30:47.019
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-23 17:30:25.851
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Norton Internet Security\NortonData\21.5.0.19\Definitions\BASHDefs\20140912.003\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-23 17:30:25.117
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Norton Internet Security\NortonData\21.5.0.19\Definitions\BASHDefs\20140912.003\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Pentium® Dual CPU E2140 @ 1.60GHz
Percentage of memory in use: 62%
Total physical RAM: 2037.77 MB
Available physical RAM: 761.16 MB
Total Pagefile: 4318.79 MB
Available Pagefile: 2746.83 MB
Total Virtual: 2047.88 MB
Available Virtual: 1905.35 MB
 
==================== Drives ================================
 
Drive c: (HP) (Fixed) (Total:289.28 GB) (Free:139.76 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:8.81 GB) (Free:1.19 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=289.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=8.8 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

  • 0

#21
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Thank you for the logs. Let's eliminate the possibility that you have any malware...then we can streamline your startup and processes. 2 GB of memory is extremely low and really not optimal for your machine but we'll see what we can do.

 

Step#1 - FRST Fix

 

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

1. Download attached file and save it to the Desktop. Attached File  fixlist.txt   541bytes   148 downloads
    Note. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).

 

2. Run FRST by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.

 

 

Step#2 - Security Check

 

1. Download Security Check from here or here.

2. Save it to your Desktop.

3. Right-click on SecurityCheck.exe and select Run as administrator. Follow the onscreen instructions inside of the black box.

4. A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Note: Don't be alarmed if the process runs for 10 to 15 minutes before completing. If it runs for over 30 minutes, just close the program and try running it again.

 

 

Step#3 - Services Check

1. Please download Farbar Service Scanner to your desktop.
2. Right-click on the FSS.exe file and choose Run as administrator. Make sure that all the options are checked:
3. Press "Scan".
4. It will create a log (FSS.txt) in the same directory the tool is run.
5. Please copy and paste the log to your reply.

6. Next in the Search box of the Farbar Service Scanner program please copy and paste WinDefend into the box and click the Export Service button.

7. Notepad will open with the information. Please copy and paste this information into your next post as well.

 

 

Step#4 - ESET Online Scan
 

  • Please go here and click on 1.JPG
  • Note: This site is optimized for Internet Explorer. Please use it for this scan. If you wish to use Firefox or Chrome you will be asked to download the ESET Smart Installer first (esetsmartinstaller_enu.exe). Go ahead and download and run this file.
  • Please accept the ESET Online Scanner EULA and click Start.
  • If prompted, allow the Add-On/Active X to install. If you have problems with this step please see this link.
  • Make sure Enable detection of potentially unwanted applications is selected.
  • Click the Advanced Settings link.
  • Make sure Remove found threats is NOT checked.
  • Make sure Scan archives IS checked.
  • Make sure Scan for potentially unsafe applications IS checked.
  • Make sure Enable Anti-Stealth technology IS checked
  • 2.JPG
  • Click on Start
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed make sure you first copy the contents of the logfile located at C:\Program Files\ESET\Eset Online Scanner\log.txt
    Note: Copy/Paste the contents of the log.txt file before going on to the next step or the log file will be removed.
  • Also be sure to check Uninstall Application on Close before clicking finish.
  • Paste that log as a part of your next post.

    

 

Items for your next post
1. FRST Fix Log

2. Security Check Log

3. Services Check Log as well as the WinDefend export log

4. ESET Log


  • 0

#22
godawgs

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP