As requested;
SvcRepair.log
Log Opened: 2014-10-09 @ 19:05:19
19:05:19 - -----------------
19:05:19 - | Begin Logging |
19:05:19 - -----------------
19:05:19 - Fix started on a WIN_7 X64 computer
19:05:19 - Prep in progress. Please Wait.
19:05:21 - Prep complete
19:05:21 - Repairing Services Now. Please wait...
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BFE.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\SubLayer>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Provider>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE>
SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BITS.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Performance>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS>
SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\iphlpsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo\{FA88062C-9A61-4C1E-AC45-7143F8F01AAD}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap\{8AD2FB26-F91E-44F1-9B24-3C0AE56C9CE0}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\IPHTTPS>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Interfaces>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\config>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc>
SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\MpsSvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap>
ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap> failed with: The system cannot find the file specified.
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSOut>
ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSOut> failed with: The system cannot find the file specified.
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSIn>
ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSIn> failed with: The system cannot find the file specified.
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\DHCP>
ERROR: Writing SD to <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\DHCP> failed with: The system cannot find the file specified.
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc>
SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\SharedAccess.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch2>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess>
SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\WinDefend.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo\0>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend>
SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wscsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc>
SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wuauserv.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv>
SetACL finished successfully.
19:05:23 - Services Repair Complete.
19:05:29 - Reboot Initiated
FSS.txt log
Farbar Service Scanner Version: 21-07-2014
Ran by Owner (administrator) on 09-10-2014 at 19:21:25
Running from "C:\Users\Owner\Desktop"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Action Center:
============
Action Center Notification Icon =====> Unable to open HKLM\...\ShellServiceObjects\{F56F6FDD-AA9D-4618-A949-C1B91AF43B1A} key. The key does not exist.
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
**** End of log ****
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01
Ran by Owner (administrator) on OWNER-PC on 09-10-2014 19:24:42
Running from C:\Users\Owner\Downloads
Loaded Profile: Owner (Available profiles: Owner & Darryl)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ArcSoft, Inc.) C:\Users\Owner\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Verizon) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
(IBM Corp) C:\Program Files (x86)\IBM\Lotus\Notes\SUService.exe
(IBM) C:\Program Files (x86)\IBM\Lotus\Notes\nsd.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(IBM Corp) C:\Program Files (x86)\IBM\Lotus\Notes\ntmulti.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1320937888\ee\aolsoftware.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Dropbox, Inc.) C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
() C:\Users\Owner\AppData\Roaming\HP SimpleSave Application\HPSSBackupMonitor.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Autodesk Inc.) C:\Users\Owner\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Verizon) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\VzDetectAgent.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1320937888\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296520 2014-04-25] (RealNetworks, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-06-20] (Autodesk Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ISLAlwaysOn: C:\Program Files (x86)\ISL Online\ISL AlwaysOn\aon_notify64.dll ()
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2281097704-164782711-356799163-1000\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-2281097704-164782711-356799163-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093464 2013-09-12] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-2281097704-164782711-356799163-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2281097704-164782711-356799163-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2281097704-164782711-356799163-1000\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2281097704-164782711-356799163-1000\...\MountPoints2: D - D:\autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HP SimpleSave Monitor.lnk
ShortcutTarget: HP SimpleSave Monitor.lnk -> C:\Users\Owner\AppData\Roaming\HP SimpleSave Application\StartHelper.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?...U218DHP&pc=U218
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8DC01587C40BCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
SearchScopes: HKCU - {F83BCEDF-A200-4372-A91A-1CAF5B23CDAC} URL = http://search.yahoo....p={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://energy.webex...ex/ieatgpc1.cab
Handler: lbxfile - {56831180-F115-11d2-B6AA-00104B2B9943} - No File
Handler: lbxres - {24508F1B-9E94-40EE-9759-9AF5795ADF52} - No File
Handler-x32: lbxfile - {56831180-F115-11d2-B6AA-00104B2B9943} - C:\Program Files (x86)\Libronix DLS\System\FileProt.dll (Libronix Corporation)
Handler-x32: lbxres - {24508F1B-9E94-40EE-9759-9AF5795ADF52} - C:\Program Files (x86)\Libronix DLS\System\ResProt.dll (Libronix Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\ozpw4nhr.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.9.17 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.9 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.9.17 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Users\Owner\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF HKLM-x32\...\Firefox\Extensions: [{53D8DD28-1C83-41F3-B171-C2ED5B3E5DE8}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-04-25]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-04-06]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [596360 2014-06-20] (Autodesk Inc.)
R2 BackupService; C:\Users\Owner\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [83512 2010-07-01] (ArcSoft, Inc.)
R3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [248664 2013-09-12] (Garmin Ltd or its subsidiaries)
R2 IHA_MessageCenter; C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [363128 2014-08-13] (Verizon)
S3 isl_always_on; C:\Program Files (x86)\ISL Online\ISL AlwaysOn\ISLAlwaysOnService.exe [67512 2010-03-23] (XLAB d.o.o.)
R2 LNSUSvc; C:\Program Files (x86)\IBM\Lotus\Notes\SUService.exe [189832 2011-09-16] (IBM Corp)
R2 Lotus Notes Diagnostics; C:\Program Files (x86)\IBM\Lotus\Notes\nsd.exe [4453768 2011-09-16] (IBM)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-04-06] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-04-25] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-04-07] () [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-09 19:17 - 2014-10-09 19:17 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2281097704-164782711-356799163-1000
2014-10-09 19:17 - 2014-10-09 19:17 - 00003206 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2281097704-164782711-356799163-1000
2014-10-09 19:05 - 2014-10-09 19:05 - 00000000 ____D () C:\Users\Public\Desktop\CC Support
2014-10-09 19:04 - 2014-10-09 19:04 - 04009167 _____ () C:\Users\Owner\Desktop\ServicesRepair.exe
2014-10-09 03:00 - 2014-10-09 03:00 - 00000000 ____D () C:\Windows\TempDCBDAA2C-00C3-F6C2-3813-E38C4A519AE9-Signatures
2014-10-09 00:18 - 2010-11-16 21:24 - 00750440 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPM5412.dll
2014-10-08 22:01 - 2014-10-09 19:21 - 00002911 _____ () C:\Users\Owner\Desktop\FSS.txt
2014-10-08 22:00 - 2014-10-08 22:00 - 00415232 _____ (Farbar) C:\Users\Owner\Desktop\FSS.exe
2014-10-08 22:00 - 2014-10-08 22:00 - 00002109 _____ () C:\Users\Owner\Desktop\aswMBR.txt
2014-10-08 22:00 - 2014-10-08 22:00 - 00000512 _____ () C:\Users\Owner\Desktop\MBR.dat
2014-10-08 17:28 - 2014-10-08 17:28 - 00005060 _____ () C:\Users\Owner\Desktop\AdwCleaner[S0].txt
2014-10-08 17:23 - 2014-10-08 17:23 - 00003228 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2281097704-164782711-356799163-1000
2014-10-08 17:17 - 2014-10-08 17:20 - 00000000 ____D () C:\AdwCleaner
2014-10-08 17:16 - 2014-10-08 17:16 - 01375089 _____ () C:\Users\Owner\Desktop\AdwCleaner.exe
2014-10-08 16:58 - 2014-10-08 16:58 - 00004449 _____ () C:\Users\Owner\Desktop\JRT.txt
2014-10-08 16:55 - 2014-10-08 16:55 - 00000000 ____D () C:\Windows\ERUNT
2014-10-08 16:53 - 2014-10-08 16:55 - 01705141 _____ (Thisisu) C:\Users\Owner\Desktop\JRT.exe
2014-10-08 16:36 - 2014-10-08 17:23 - 00003362 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2281097704-164782711-356799163-1000
2014-10-07 01:55 - 2014-10-07 01:55 - 00000000 ____D () C:\Users\Owner\Desktop\Desk Top Folder Tremco
2014-10-06 11:03 - 2014-10-07 15:08 - 00000000 ____D () C:\Users\Owner\Desktop\Alhambra Project
2014-10-05 12:53 - 2014-10-06 22:13 - 00000000 ____D () C:\Users\Owner\Downloads\FRST-OlderVersion
2014-10-04 13:31 - 2014-10-08 17:38 - 00000179 _____ () C:\ProgramData\LockFilePath.ini
2014-09-30 16:48 - 2014-09-30 16:50 - 00000000 ____D () C:\Users\Owner\Downloads\Logs From Scan
2014-09-25 21:25 - 2014-09-25 23:48 - 00005575 _____ () C:\Users\Owner\Documents\aswMBR.txt
2014-09-25 21:25 - 2014-09-25 23:48 - 00000512 _____ () C:\Users\Owner\Documents\MBR.dat
2014-09-25 16:07 - 2014-09-25 16:07 - 05185536 _____ (AVAST Software) C:\Users\Owner\Desktop\aswmbr.exe
2014-09-25 16:02 - 2014-09-25 16:02 - 05579290 _____ (Swearware) C:\Users\Owner\Desktop\ComboFix.exe
2014-09-25 15:58 - 2014-09-25 15:58 - 05579290 _____ () C:\Users\Owner\Downloads\ComboFix.exe
2014-09-25 15:34 - 2014-09-25 15:34 - 00112072 _____ () C:\Users\Owner\Downloads\Shortcut.txt
2014-09-25 15:31 - 2014-10-08 00:08 - 00041909 _____ () C:\Users\Owner\Downloads\Addition.txt
2014-09-25 15:30 - 2014-10-09 19:26 - 00018772 _____ () C:\Users\Owner\Downloads\FRST.txt
2014-09-25 15:30 - 2014-10-09 19:24 - 00000000 ____D () C:\FRST
2014-09-25 15:25 - 2014-10-06 22:13 - 02109952 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2014-09-25 03:06 - 2014-10-08 16:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-24 18:02 - 2014-09-24 18:02 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Darryl\Downloads\tdsskiller.exe
2014-09-24 17:58 - 2014-09-24 17:58 - 00000000 ____D () C:\Users\Darryl\AppData\Roaming\Macromedia
2014-09-24 17:58 - 2014-09-24 17:58 - 00000000 ____D () C:\Users\Darryl\AppData\Local\Macromedia
2014-09-24 17:55 - 2014-09-24 17:55 - 00000000 ____D () C:\Users\Darryl\AppData\Roaming\Mozilla
2014-09-24 17:55 - 2014-09-24 17:55 - 00000000 ____D () C:\Users\Darryl\AppData\Local\Mozilla
2014-09-24 17:52 - 2014-09-24 17:52 - 00000000 ____D () C:\Users\Darryl\Documents\Autodesk Application Manager
2014-09-24 17:51 - 2014-09-24 18:01 - 00000000 ____D () C:\Users\Darryl\AppData\Local\Adobe
2014-09-24 17:51 - 2014-09-24 17:51 - 00000000 ____D () C:\Users\Darryl\AppData\Roaming\Real
2014-09-24 17:51 - 2014-09-24 17:51 - 00000000 ____D () C:\Users\Darryl\AppData\Roaming\Logitech
2014-09-24 17:51 - 2014-09-24 17:51 - 00000000 ____D () C:\Users\Darryl\AppData\Roaming\Autodesk
2014-09-24 17:51 - 2014-09-24 17:51 - 00000000 ____D () C:\Users\Darryl\AppData\Roaming\Apple Computer
2014-09-24 17:51 - 2014-09-24 17:51 - 00000000 ____D () C:\Users\Darryl\AppData\Local\Autodesk
2014-09-24 17:51 - 2014-09-24 17:51 - 00000000 ____D () C:\Users\Darryl\AppData\Local\AOL
2014-09-24 17:50 - 2014-09-24 18:01 - 00000000 ____D () C:\Users\Darryl\AppData\Roaming\Adobe
2014-09-24 17:50 - 2014-09-24 17:50 - 00001413 _____ () C:\Users\Darryl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-24 17:48 - 2014-09-24 17:50 - 00000000 ____D () C:\Users\Darryl
2014-09-24 17:48 - 2014-09-24 17:48 - 00000020 ___SH () C:\Users\Darryl\ntuser.ini
2014-09-24 17:48 - 2011-11-11 04:02 - 00000000 ____D () C:\Users\Darryl\AppData\Local\Microsoft Help
2014-09-24 17:48 - 2009-07-13 21:54 - 00000000 ___RD () C:\Users\Darryl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-24 17:48 - 2009-07-13 21:49 - 00000000 ___RD () C:\Users\Darryl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-24 10:46 - 2014-09-24 10:46 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-23 09:41 - 2014-09-23 09:41 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-23 09:38 - 2014-09-23 09:40 - 158875752 _____ () C:\Users\Owner\Downloads\setup_11.0.3.7.x01_2014_09_23_18_27.exe
2014-09-22 19:51 - 2014-09-22 19:51 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-09-22 19:48 - 2014-09-22 19:48 - 00000000 ____D () C:\Users\Owner\AppData\Local\Hewlett-Packard
2014-09-22 19:48 - 2014-09-22 19:48 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-09-22 19:32 - 2014-09-22 19:32 - 00002212 _____ () C:\Users\Public\Desktop\HP Officejet 6500 E710n-z.lnk
2014-09-22 19:32 - 2014-09-22 19:32 - 00001888 _____ () C:\Users\Public\Desktop\HP ePrintCenter - HP Officejet 6500 E710n-z.lnk
2014-09-22 19:32 - 2014-09-22 19:32 - 00001217 _____ () C:\Users\Public\Desktop\HP Officejet 6500 E710n-z Scan.lnk
2014-09-22 19:32 - 2014-09-22 19:32 - 00001180 _____ () C:\Users\Public\Desktop\Shop for Supplies - HP Officejet 6500 E710n-z.lnk
2014-09-22 19:29 - 2014-09-22 19:29 - 00000000 ____D () C:\Program Files\HP
2014-09-22 17:28 - 2014-09-22 17:29 - 00000000 ____D () C:\Users\Owner\Documents\Seminary Application Information
2014-09-13 13:15 - 2014-10-09 19:15 - 00000376 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Owner.job
2014-09-13 13:15 - 2014-10-09 13:40 - 00002960 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateXML_Owner
2014-09-13 13:15 - 2014-10-09 13:40 - 00000366 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_Owner.job
2014-09-13 13:15 - 2014-10-09 01:27 - 00002964 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Owner
2014-09-13 13:15 - 2014-10-09 01:27 - 00000370 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_Owner.job
2014-09-13 13:15 - 2014-09-13 13:15 - 00003612 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperResumePrompt_Owner
2014-09-13 13:15 - 2014-09-13 13:15 - 00002668 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Owner
2014-09-11 00:59 - 2014-09-20 15:37 - 00000000 ____D () C:\Users\Owner\Documents\Logos Log Files
2014-09-11 00:05 - 2014-09-11 00:05 - 00002277 _____ () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Logos Bible Software 5.lnk
2014-09-11 00:05 - 2014-09-11 00:05 - 00002269 _____ () C:\Users\Owner\Desktop\Logos Bible Software 5.lnk
2014-09-11 00:02 - 2014-09-11 00:06 - 00000000 ____D () C:\Users\Owner\AppData\Local\Logos5
2014-09-10 00:28 - 2014-09-10 00:28 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-10 00:28 - 2014-09-10 00:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-10 00:27 - 2014-09-10 00:28 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-10 00:27 - 2014-09-10 00:27 - 00000000 ____D () C:\Program Files\iTunes
2014-09-10 00:27 - 2014-09-10 00:27 - 00000000 ____D () C:\Program Files\iPod
2014-09-10 00:27 - 2014-09-10 00:27 - 00000000 ____D () C:\Program Files (x86)\iTunes
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-09 19:16 - 2011-11-19 01:43 - 00000000 ___RD () C:\Users\Owner\Dropbox
2014-10-09 19:16 - 2011-11-19 01:41 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Dropbox
2014-10-09 19:16 - 2009-07-13 21:45 - 00020704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-09 19:16 - 2009-07-13 21:45 - 00020704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-09 19:15 - 2011-10-27 13:34 - 01707263 _____ () C:\Windows\WindowsUpdate.log
2014-10-09 19:14 - 2011-11-14 16:55 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-09 19:13 - 2011-11-14 16:55 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-09 19:07 - 2013-03-22 09:07 - 00043274 _____ () C:\SUService.log
2014-10-09 19:07 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-09 19:07 - 2009-07-13 21:51 - 00004373 _____ () C:\Windows\setupact.log
2014-10-09 19:06 - 2010-11-20 20:47 - 00393970 _____ () C:\Windows\PFRO.log
2014-10-09 18:51 - 2012-04-11 08:17 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-09 03:01 - 2014-06-09 17:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-10-09 03:01 - 2011-10-27 15:17 - 00002148 _____ () C:\Windows\epplauncher.mif
2014-10-09 03:01 - 2011-10-27 15:17 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-10-09 00:18 - 2011-11-09 16:40 - 00000000 ____D () C:\Program Files (x86)\HP
2014-10-08 23:59 - 2014-04-20 00:48 - 00000000 ____D () C:\Users\Owner\Documents\Outlook Files
2014-10-08 23:59 - 2013-10-05 07:07 - 00000000 ____D () C:\Users\Owner\AppData\Local\575FBD5E-1C20-4307-967F-91631EBA51A1.aplzod
2014-10-08 23:44 - 2013-02-17 20:07 - 00489472 ___SH () C:\Users\Owner\Documents\Thumbs.db
2014-10-08 16:06 - 2011-10-27 15:11 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-08 16:02 - 2011-11-10 18:11 - 00000000 ____D () C:\Users\Owner\Documents\Tremco Files
2014-10-08 15:48 - 2014-08-01 13:50 - 00000000 ____D () C:\Users\Owner\Desktop\Tremco Price List
2014-10-07 00:21 - 2009-07-13 22:13 - 00852386 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-06 17:30 - 2014-09-01 14:22 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2014-10-06 17:30 - 2014-09-01 14:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2014-10-06 17:30 - 2014-09-01 11:39 - 00000000 ____D () C:\ProgramData\Autodesk
2014-10-06 17:01 - 2011-10-27 15:17 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-10-06 16:57 - 2011-10-28 14:59 - 00157224 _____ () C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-06 16:55 - 2009-07-13 21:45 - 00548416 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-06 16:50 - 2014-09-01 11:39 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Autodesk
2014-10-05 12:52 - 2011-10-27 15:16 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-05 12:52 - 2011-10-27 15:16 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-05 12:50 - 2014-09-01 12:31 - 00000000 ____D () C:\Users\Owner\AppData\Local\Adobe
2014-10-05 12:50 - 2014-05-11 22:22 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-09-25 15:54 - 2009-07-13 20:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-25 13:28 - 2013-03-04 11:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-24 17:51 - 2009-07-13 21:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-09-24 12:52 - 2012-04-11 08:17 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 12:51 - 2012-04-11 08:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 12:51 - 2011-10-27 14:28 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-23 02:12 - 2014-06-05 03:12 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-09-22 21:36 - 2012-05-18 22:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-22 21:21 - 2012-05-18 22:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-22 21:20 - 2012-05-18 22:47 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-22 20:25 - 2011-11-25 20:34 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-22 19:26 - 2011-11-14 16:55 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-22 19:26 - 2011-10-27 15:10 - 00000000 ____D () C:\Users\Owner\AppData\Local\Google
2014-09-22 18:37 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-22 17:42 - 2011-11-19 01:43 - 00001017 _____ () C:\Users\Owner\Desktop\Dropbox.lnk
2014-09-22 17:42 - 2011-11-19 01:42 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-22 14:56 - 2011-11-14 14:37 - 00000000 ____D () C:\Users\Owner\AppData\Local\CutePDF Writer
2014-09-22 12:07 - 2009-07-13 22:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-09-21 23:42 - 2010-11-20 20:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-18 13:31 - 2013-03-22 09:33 - 00000529 _____ () C:\Users\Owner\Desktop\CRM - logon.website
2014-09-15 15:04 - 2011-11-10 14:18 - 00000000 ____D () C:\Tremspec
Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkaaavi.dll
C:\Users\Owner\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-06 00:29
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2014 01
Ran by Owner at 2014-10-09 19:27:36
Running from C:\Users\Owner\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: - Amazon)
AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version: - AOL Inc.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.4.4 - Atheros Communications Inc.)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 3.0.155.0 - Autodesk)
AutoEdit (HKLM-x32\...\AutoEdit) (Version: - )
Batch Update (x32 Version: 3.0 - Libronix Corporation) Hidden
Bible Data Type System Files (x32 Version: 3.0 - Libronix Corporation) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
BlackBerry Backup Extractor (HKCU\...\BlackBerry Backup Extractor) (Version: 2.0.1.0 - Reincubate Ltd)
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.8.2631 - CDBurnerXP)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.9.2809 - CDBurnerXP)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{F82C81F9-ADB5-42BD-AFE9-DD5DFDD215E3}) (Version: 1.0.135 - Citrix)
Clause Visualizer (x32 Version: 3.0 - Libronix Corporation) Hidden
Common System Files (x32 Version: 3.0 - Libronix Corporation) Hidden
CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version: - )
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7CBAE557-86B7-43DE-BF84-2FE9226E86C6}) (Version: - Microsoft)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Elevated Installer (x32 Version: 2.3.12.0 - Garmin Ltd or its subsidiaries) Hidden
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Garmin Express (HKLM-x32\...\{ec281b79-20b1-4076-807d-b4a562eb13c5}) (Version: 2.3.12.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.3.12.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.3.12.0 - Garmin Ltd or its subsidiaries) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoToMeeting 5.9.0.1216 (HKCU\...\GoToMeeting) (Version: 5.9.0.1216 - CitrixOnline)
Graphical Query Editor (x32 Version: 3.0 - Libronix Corporation) Hidden
HP Officejet 6500 E710n-z Basic Device Software (HKLM\...\{ADDF4B84-5D28-4EAE-8511-EF808C8BC81C}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IHA_MessageCenter (HKLM-x32\...\{834265C4-CDF4-44D3-BD24-31531617EFB8}) (Version: 1.8.70 - Verizon)
Image Resizer Powertoy Clone for Windows (64 bit) (HKLM\...\{80A620C1-B22C-4781-A351-B14B8A37BFE3}) (Version: 2.1 - Brice Lambson)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
iPod 2 iPod (HKLM-x32\...\iPod 2 iPod 5.0) (Version: 5.0 - THE BOYS DOWNUNDER)
ISL AlwaysOn 1.2.4 (HKLM-x32\...\ISL AlwaysOn_is1) (Version: - Xlab d.o.o.)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Libronix Digital Library System (HKLM-x32\...\Libronix DLS) (Version: - Libronix Corporation)
Libronix Digital Library System (x32 Version: 3.0 - Libronix Corporation) Hidden
Libronix DLS Application (x32 Version: 3.0 - Libronix Corporation) Hidden
Libronix DLS Shortcuts (x32 Version: 3.0 - Libronix Corporation) Hidden
LibronixUpdate (x32 Version: 3.0 - Libronix Corporation) Hidden
LLS Resource Driver (x32 Version: 3.0 - Libronix Corporation) Hidden
Logitech SetPoint 6.32 (HKLM\...\SP6) (Version: 6.32.20 - Logitech)
Logos 5 Prerequisites (HKLM-x32\...\{15203635-D281-4AE4-83B1-EA217B217E4D}) (Version: 5.33.0744 - Logos Bible Software)
Logos Bible Software (HKLM-x32\...\{2CBF05BA-9C5B-4954-8CB6-CEF46F83B5E8}) (Version: 5.34.1531 - Logos Bible Software)
Lotus Notes 8.5.3 (Basic) (HKLM-x32\...\{CD38D0D3-AF3F-4D6A-92C8-7C384EE5AEF3}) (Version: 8.53.11258 - IBM)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Masterworks 6.3 (HKLM-x32\...\Masterworks 6.3) (Version: 6.3.1.1 - ARCOM)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft VC9 runtime libraries (x32 Version: 1.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
OEB Resource Driver (x32 Version: 3.0 - Libronix Corporation) Hidden
Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0 (HKLM-x32\...\{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1) (Version: - Orban, Inc.)
PDF Resource Driver (x32 Version: 3.0 - Libronix Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealDownloader (x32 Version: 17.0.9 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2005 Runtime (x32 Version: 8.0 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.9 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
RMP Expiration Extension Update (HKLM-x32\...\{720A5A3F-6794-43BA-A667-6C7E728375F7}) (Version: 4.0.2 - Tremco Incorporated)
RMPNet (HKLM-x32\...\{EB7B194B-8609-4B9F-BD8C-607B20ACD996}) (Version: 1.1.5000 - Tremco Incorporated)
Sentence Diagramming (x32 Version: 3.0 - Libronix Corporation) Hidden
SketchUp Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tremco TremSpec Document (May 2011) Install/Update (HKLM-x32\...\Tremco TremSpec Document (May 2011) Install/Update) (Version: - )
Tremco TremSpec Maseter Update 2012 (HKLM-x32\...\Tremco TremSpec Maseter Update 2012) (Version: - )
TremcoPDF (HKLM\...\TremcoPDF) (Version: - )
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553065) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{A8686D24-1E89-43A1-973E-05A258D2B3F8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{18B3CF2A-73F7-4716-B1AE-86D68726D408}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{73E67A3A-8D61-44EF-90C2-1697C3DBE668}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{14B7142F-D7E2-4FB0-9E3B-7CAA8D7FFC56}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C4F26A9B-B121-4135-8084-A0D9C780C7C8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{460FF681-BC66-4C38-99DF-7012E03F1EBA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{C633216E-FF30-45B6-B2AB-21922A9353EF}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{1CBEDB37-C438-473F-8BA0-2535B0D237E2}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{1CBEDB37-C438-473F-8BA0-2535B0D237E2}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{9865DC3A-2898-48D9-B96A-46397571C934}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{DFE7321B-F914-4AB5-8C74-1F8CC932B1B0}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DFE7321B-F914-4AB5-8C74-1F8CC932B1B0}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1CBE095-403D-466D-BB13-B185A5F33231}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{47894754-0FEC-4920-9A65-6C1E732587AC}) (Version: - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{1EEFF749-6F29-4F0B-AB08-4C6EA52AA110}) (Version: - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{6B6DDDCE-B456-4FE1-9A07-DBC1708E4158}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{5DA2D071-A54C-47C0-83E5-43C63DBFD936}) (Version: - Microsoft)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Visual CADD 5.0 (HKLM-x32\...\Visual CADD 5.0) (Version: by TriTools Partners - TriTools LLC)
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Vz In-Home Agent (HKLM-x32\...\VzInHomeAgent) (Version: 9.0.63.0 - Verizon)
WordPerfect Office 12 (HKLM-x32\...\{AF19F291-F22F-4798-9662-525305AE9E48}) (Version: 12.0.0.238 - Corel Corporation)
YTD Toolbar v9.2 (HKLM-x32\...\{D0F57AAA-96F7-4210-B3A5-824DA82ABF45}) (Version: 9.2 - Spigot, Inc.) <==== ATTENTION
YTD Video Downloader 3.9.6 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 3.9.6 - GreenTree Applications SRL)
Z 39.50 Library (x32 Version: 3.0 - Libronix Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2281097704-164782711-356799163-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2281097704-164782711-356799163-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1216\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-2281097704-164782711-356799163-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2281097704-164782711-356799163-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2281097704-164782711-356799163-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2281097704-164782711-356799163-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2281097704-164782711-356799163-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2281097704-164782711-356799163-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2281097704-164782711-356799163-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2281097704-164782711-356799163-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
07-10-2014 10:00:19 Windows Update
08-10-2014 06:48:17 G2G
08-10-2014 10:00:11 Windows Update
08-10-2014 23:05:32 Removed Java 6 Update 29
09-10-2014 07:17:49 Removed HP Officejet 6500 E710n-z Basic Device Software
09-10-2014 10:00:11 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 19:34 - 2014-10-08 16:26 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {23A18154-5202-49A4-8A11-539F3422C7BD} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2281097704-164782711-356799163-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-04-06] (RealNetworks, Inc.)
Task: {34508CF1-89C0-45CB-B092-2500628B572E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {488F2C9F-F9D9-4859-AFA9-7031A98A4470} - System32\Tasks\ReclaimerUpdateFiles_Owner => C:\Users\Owner\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-13] (RealNetworks, Inc.)
Task: {8E5CAC52-5A4C-4042-B20A-7AB794D72B0C} - System32\Tasks\ReclaimerUpdateXML_Owner => C:\Users\Owner\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-13] (RealNetworks, Inc.)
Task: {8E77689F-1188-4736-BEE6-E899FF72768E} - System32\Tasks\hpUrlLauncher.exe => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\utils\hpUrlLauncher.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {9565AA1C-0179-4BDE-93B8-9705BD1C2093} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2281097704-164782711-356799163-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {A0EDC2ED-ED4A-4D1C-9ADF-024BE1DF0E2C} - System32\Tasks\RNUpgradeHelperResumePrompt_Owner => C:\Users\Owner\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-13] (RealNetworks, Inc.)
Task: {A87D0AB8-DAA8-4855-956B-B1D1301EF030} - System32\Tasks\RNUpgradeHelperLogonPrompt_Owner => C:\Users\Owner\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-13] (RealNetworks, Inc.)
Task: {B115D89A-7A35-4CCE-B456-1486416CB5AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {B78CD7D6-492A-4550-86EE-A467B860CF24} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {B7B3B9F4-0587-4682-8408-623351A470F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-14] (Google Inc.)
Task: {B96301AA-5C00-430D-8EA1-FA9045919756} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2281097704-164782711-356799163-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {DE79F0F7-BC23-4BCB-8ABD-0FA45E4B54E0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-14] (Google Inc.)
Task: {E1C008B0-BA0A-4568-BE72-10941B0E2C14} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2281097704-164782711-356799163-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-04-06] (RealNetworks, Inc.)
Task: {FBD9A38D-86D7-4C14-9ED6-95529BB1359C} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2281097704-164782711-356799163-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-04-06] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ReclaimerUpdateFiles_Owner.job => C:\Users\Owner\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerUpdateXML_Owner.job => C:\Users\Owner\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Owner.job => C:\Users\Owner\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
==================== Loaded Modules (whitelisted) =============
2011-11-10 14:20 - 2008-07-19 18:26 - 00087040 _____ () C:\Windows\System32\custmon64.dll
2011-11-10 21:40 - 2009-11-05 09:40 - 00085504 _____ () C:\Windows\System32\cpwmon64.dll
2014-04-06 23:00 - 2014-04-06 23:00 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-04-07 03:06 - 2014-04-07 03:06 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2011-08-31 19:13 - 2011-08-31 19:13 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-10-07 02:39 - 2011-10-07 02:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2011-11-10 14:37 - 2011-05-26 15:14 - 00685976 _____ () C:\Users\Owner\AppData\Roaming\HP SimpleSave Application\HPSSBackupMonitor.exe
2014-09-01 14:42 - 2014-06-20 23:19 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-09-01 14:42 - 2014-06-20 23:19 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-25 10:07 - 2014-04-25 10:07 - 00859224 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-10-09 19:15 - 2014-10-09 19:15 - 00043008 _____ () c:\users\owner\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkaaavi.dll
2013-08-23 12:01 - 2013-08-23 12:01 - 25100288 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\libcef.dll
2011-11-10 14:37 - 2010-04-26 15:30 - 00090112 _____ () C:\Users\Owner\AppData\Roaming\HP SimpleSave Application\FileMapInfoDB.dll
2014-09-25 03:06 - 2014-09-25 03:06 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-10-09 19:15 - 2014-06-20 23:19 - 00104328 _____ () C:\Users\Owner\AppData\Local\Autodesk\.AdskAppManager\R1\qjson0.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-2281097704-164782711-356799163-500 - Administrator - Disabled)
Darryl (S-1-5-21-2281097704-164782711-356799163-1006 - Administrator - Enabled) => C:\Users\Darryl
Guest (S-1-5-21-2281097704-164782711-356799163-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2281097704-164782711-356799163-1002 - Limited - Enabled)
Owner (S-1-5-21-2281097704-164782711-356799163-1000 - Administrator - Enabled) => C:\Users\Owner
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/09/2014 07:24:15 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (10/09/2014 07:08:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/09/2014 07:07:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Owner-PC.local already in use; will try Owner-PC-2.local instead
Error: (10/09/2014 07:07:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Owner-PC.local. Addr 192.168.1.2
Error: (10/09/2014 07:07:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.12:5353 4 owner-PC.local. Addr 192.168.1.12
Error: (10/09/2014 03:01:09 AM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: NT AUTHORITY)
Description: HRESULT:0x80070643
Description:Cannot complete the Security Essentials Upgrade. An error has prevented the Security Essentials Upgrade Wizard from continuing. The previous version of Security Essentials was restored. Error code:0x80070643. Fatal error during installation.
Error: (10/09/2014 03:01:05 AM) (Source: MsiInstaller) (EventID: 11321) (User: NT AUTHORITY)
Description: Product: Microsoft Security Client -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Program Files (x86)\Microsoft Security Client\en-US\MpAsDesc.dll.mui.
Error: (10/09/2014 00:19:44 AM) (Source: MsiInstaller) (EventID: 11706) (User: Owner-PC)
Description: Product: HP Officejet 6500 E710n-z Basic Device Software -- Error 1706. An installation package for the product HP Officejet 6500 E710n-z Basic Device Software cannot be found. Try the installation again using a valid copy of the installation package 'E710nx64.msi'.
Error: (10/08/2014 10:05:54 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (10/08/2014 10:05:54 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
System errors:
=============
Error: (10/09/2014 07:07:20 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "OWNER-PC :20" could not be registered on the interface with IP address 192.168.1.2.
The computer with the IP address 192.168.1.12 did not allow the name to be claimed by
this computer.
Error: (10/09/2014 07:07:20 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{10D6E3BF-62E8-4CD1-9521-10F52F0C2A51} because another computer on the network has the same name. The server could not start.
Error: (10/09/2014 07:07:17 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "OWNER-PC :0" could not be registered on the interface with IP address 192.168.1.2.
The computer with the IP address 192.168.1.12 did not allow the name to be claimed by
this computer.
Error: (10/09/2014 07:05:01 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "OWNER-PC :0" could not be registered on the interface with IP address 192.168.1.2.
The computer with the IP address 192.168.1.12 did not allow the name to be claimed by
this computer.
Error: (10/09/2014 07:04:17 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "OWNER-PC :0" could not be registered on the interface with IP address 192.168.1.2.
The computer with the IP address 192.168.1.12 did not allow the name to be claimed by
this computer.
Error: (10/09/2014 07:04:17 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "OWNER-PC :0" could not be registered on the interface with IP address 192.168.1.2.
The computer with the IP address 192.168.1.12 did not allow the name to be claimed by
this computer.
Error: (10/09/2014 07:04:17 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "OWNER-PC :0" could not be registered on the interface with IP address 192.168.1.2.
The computer with the IP address 192.168.1.12 did not allow the name to be claimed by
this computer.
Error: (10/09/2014 07:01:21 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "OWNER-PC :0" could not be registered on the interface with IP address 192.168.1.2.
The computer with the IP address 192.168.1.12 did not allow the name to be claimed by
this computer.
Error: (10/09/2014 07:01:21 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "OWNER-PC :0" could not be registered on the interface with IP address 192.168.1.2.
The computer with the IP address 192.168.1.12 did not allow the name to be claimed by
this computer.
Error: (10/09/2014 05:25:03 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "OWNER-PC :0" could not be registered on the interface with IP address 192.168.1.2.
The computer with the IP address 192.168.1.12 did not allow the name to be claimed by
this computer.
Microsoft Office Sessions:
=========================
Error: (10/09/2014 07:24:15 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{2259DBC1-EFFB-42B5-BA35-DFC0AAB2B3FB}\recordingmanager.exe
Error: (10/09/2014 07:08:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/09/2014 07:07:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Owner-PC.local already in use; will try Owner-PC-2.local instead
Error: (10/09/2014 07:07:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Owner-PC.local. Addr 192.168.1.2
Error: (10/09/2014 07:07:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.12:5353 4 owner-PC.local. Addr 192.168.1.12
Error: (10/09/2014 03:01:09 AM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: NT AUTHORITY)
Description: HRESULT:0x80070643
Description:Cannot complete the Security Essentials Upgrade. An error has prevented the Security Essentials Upgrade Wizard from continuing. The previous version of Security Essentials was restored. Error code:0x80070643. Fatal error during installation.
Error: (10/09/2014 03:01:05 AM) (Source: MsiInstaller) (EventID: 11321) (User: NT AUTHORITY)
Description: Product: Microsoft Security Client -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Program Files (x86)\Microsoft Security Client\en-US\MpAsDesc.dll.mui.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (10/09/2014 00:19:44 AM) (Source: MsiInstaller) (EventID: 11706) (User: Owner-PC)
Description: Product: HP Officejet 6500 E710n-z Basic Device Software -- Error 1706. An installation package for the product HP Officejet 6500 E710n-z Basic Device Software cannot be found. Try the installation again using a valid copy of the installation package 'E710nx64.msi'.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (10/08/2014 10:05:54 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{2259DBC1-EFFB-42B5-BA35-DFC0AAB2B3FB}\recordingmanager.exe
Error: (10/08/2014 10:05:54 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{2259DBC1-EFFB-42B5-BA35-DFC0AAB2B3FB}\recordingmanager.exe
==================== Memory info ===========================
Processor: Intel® Core i5-2320 CPU @ 3.00GHz
Percentage of memory in use: 52%
Total physical RAM: 4007.94 MB
Available physical RAM: 1895.41 MB
Total Pagefile: 10016.12 MB
Available Pagefile: 7776.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:221.95 GB) NTFS
Drive g: (HP SimpleSave) (Fixed) (Total:930.86 GB) (Free:658.88 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B7B35B8C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 930.9 GB) (Disk ID: 0004B0A5)
Partition 1: (Active) - (Size=930.9 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Are you getting the Microsoft Security Client error? Yes still getting error message and Malwarebytes doesnt work either