Glad I checked on that one. Will procure a 32GB usb stick today and see if I can implement the fix suggested. Thanks for clarification. Ran Hitman and am now able to access infected machine. Here is the FRST Log file
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-11-2014
Ran by Presenter at 2014-12-17 12:02:58
Running from C:\Documents and Settings\Presenter
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Disabled - Up to date) {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Emsisoft Anti-Malware (Disabled - Up to date) {0F8591BB-342B-4493-91C3-4E948ED21255}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3866077675-454247996-117300071-1006\...\uTorrent) (Version: 3.4.2.34944 - BitTorrent Inc.)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
3ivx MPEG-4 5.0.3 (remove only) (HKLM\...\3ivx MPEG-4 5.0.3) (Version: 5.0.3 - 3ivx Technologies, Pty. Ltd.)
7-Zip 9.22beta (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C0CC75CD-F5B7-46AD-B016-17C0F5171718}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Auslogics Registry Cleaner (HKLM\...\{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1) (Version: 4.0.0.0 - Auslogics Labs Pty Ltd)
AuthenTec Fingerprint System (HKLM\...\{FECEF9D2-9D3D-449B-9EA4-CFA775C99464}) (Version: 8.0.100.25 - AuthenTec, Inc.)
Autorun Eater v2.4 (HKLM\...\Autorun Eater_is1) (Version: - Old McDonald's Farm)
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
Belkin Setup and Router Monitor (HKLM\...\Belkin Setup and Router Monitor_is1) (Version: - )
Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.1.2 - Belkin International, Inc.)
BlackBerry Desktop Software 7.1 (HKLM\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Canon PIXMA iP4000 (HKLM\...\CANONBJ_Deinstall_CNMCP64.DLL) (Version: - )
CleanUp! (HKLM\...\CleanUp!) (Version: - )
Cloud System Booster (HKLM\...\Cloud System Booster) (Version: 3.3 - Anvisoft)
Combined Modem Driver Installer (HKLM\...\{9A6F0720-739C-408B-966F-93091631A918}) (Version: 1.0.0.15 - )
Corel WinDVD (Version: 11 - Corel Inc.) Hidden
Corel WinDVD Pro 11 (HKLM\...\_{991D8429-CFD9-48D9-BD85-6EDD3007B5A9}) (Version: 11.0.0.289 - Corel Inc.)
Dropbox (HKU\S-1-5-21-3866077675-454247996-117300071-1006\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Embedded Security for HP ProtectTools Driver (Version: 5.5.100 - Hewlett-Packard) Hidden
EMET (HKLM\...\{DE7A5DDF-47B3-42FF-A082-E158DEA37392}) (Version: 3.0.0 - Microsoft)
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft GmbH)
eRoom 7 (HKLM\...\eRoom 7) (Version: - )
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version: - Lars Hederer)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version: - )
Fitbit Connect (HKLM\...\Fitbit Connect) (Version: 1.0.0.2578 - Fitbit Inc.)
FlipShare (HKLM\...\{97C658D2-61FB-027F-0D76-E9CDC84AFEC7}) (Version: 5.12.3.0 - Flip Video)
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Chrome Canary (HKU\S-1-5-21-3866077675-454247996-117300071-1006\...\Google Chrome SxS) (Version: 41.0.2251.0 - Google Inc.)
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HP 3D DriveGuard (HKLM\...\{F2498378-DB5D-45D2-8C86-46D0C7B2CCC1}) (Version: 1.10 C1 - Hewlett-Packard)
HP Battery Check (HKLM\...\HP Battery Check) (Version: 4.1.0.2 - Hewlett-Packard)
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Help and Support (HKLM\...\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}) (Version: 4.4.0003 - HPQ)
HP Integrated Module with Bluetooth wireless technology (HKLM\...\{84814E6B-2581-46EC-926A-823BD1C670F6}) (Version: 5.1.0.4803 - HP)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.11352 - HP Photo Creations Powered by RocketLife)
HP Photosmart 5520 series Basic Device Software (HKLM\...\{14D71565-08BF-472D-9376-14D999049C1A}) (Version: 27.0.847.0 - Hewlett-Packard Co.)
HP Photosmart 5520 series Help (HKLM\...\{7137E26A-10F7-4B1C-9980-0893579E92DA}) (Version: 27.0.0 - Hewlett Packard)
HP Product Detection (HKLM\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Quick Launch Buttons (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40.17.2 - Hewlett-Packard)
HP Update (HKLM\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}) (Version: 3.00 K2 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
ICA (Version: 1.0 - Corel Inc.) Hidden
Intel® Management Engine Interface (HKLM\...\HECI) (Version: - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{F22FD942-651D-4EE8-BD6F-7E0AF5E17625}) (Version: 12.04.0000 - Intel Corporation)
Intel® Active Management Technology (HKLM\...\MESOL) (Version: - Intel Corporation)
InterVideo DVD Check (HKLM\...\{5D97A4A7-C274-4B63-86D9-07A33435F505}) (Version: - )
InterVideo Register Manager (Version: 1.0.4.0 - InterVideo Inc.) Hidden
InterVideo WinDVD (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.1259 - InterVideo Inc.)
IPM (Version: 1.00.0000 - Corel Inc.) Hidden
iTunes (HKLM\...\{F32DC846-4457-40A8-BECA-BCC0E960BC53}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
LiveUpdate 3.1 (Symantec Corporation) (HKLM\...\LiveUpdate) (Version: 3.1.0.99 - Symantec Corporation)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2656353) (HKLM\...\M2656353) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2656370) (HKLM\...\M2656370) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Project 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-003A-0000-0000-0000000FF1CE}_PRJSTD_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}) (Version: - Microsoft)
Microsoft Office Project Standard 2007 (HKLM\...\PRJSTD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mobile Broadband Generic Drivers (HKLM\...\Mobile Broadband Generic Drivers) (Version: 2.03.09.005.14 - Novatel Wireless)
Mobile Broadband Generic Drivers (Version: 2.03.09.005.14 - Novatel Wireless) Hidden
MobileMe Control Panel (HKLM\...\{5A9AA2C0-972F-4239-AA41-E409434194D5}) (Version: 3.1.8.0 - Apple Inc.)
Mouse Suite (HKLM\...\MouseSuite98) (Version: - )
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.6128 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (HKLM\...\NVIDIA nView Desktop Manager) (Version: 6.14.10.13550 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PDF Complete (HKLM\...\PDF Complete) (Version: 3.5.57 - PDF Complete, Inc.)
QLBCASL (Version: 6.40.17.2 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RICOH R5C853 Media Driver Ver.1.02.00.17 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 1.02.00.17 - RICOH)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Setup (Version: 11.0 - Corel Inc.) Hidden
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 5.10.01.5880 - Analog Devices)
SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-003A-0000-0000-0000000FF1CE}_PRJSTD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC 9.0 Runtime (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
Video Mover (HKLM\...\Video Mover_is1) (Version: - )
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Documents and Settings\Presenter\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Documents and Settings\Presenter\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{047466F1-82AE-455A-AFC4-D3AC463FBF6B}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Documents and Settings\Presenter\Local Settings\Application Data\Google\Update\1.3.25.5\psuser.dl (the data entry has 9 more characters).
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{1BEAC3E3-B852-44F4-B468-8906C062422E}\localserver32 -> C:\Documents and Settings\Presenter\Local Settings\Application Data\Google\Chrome SxS\Application\41.0.2251.0\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Documents and Settings\Presenter\Local Settings\Application Data\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Documents and Settings\Presenter\Local Settings\Application Data\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{49BBAA3C-C574-419E-8378-783C362E9C15}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO2.dll (Hewlett-Packard Co.)
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Documents and Settings\Presenter\Local Settings\Application Data\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Documents and Settings\Presenter\Local Settings\Application Data\Google\Update\1.3.24.15\psuser.d (the data entry has 10 more characters).
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{97090E2F-3062-4459-855B-014F0D3CDBB1}\InprocServer32 -> C:\Program Files\Windows Desktop Search\deskbar.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Documents and Settings\Presenter\Local Settings\Application Data\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Documents and Settings\Presenter\Local Settings\Application Data\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Documents and Settings\Presenter\Local Settings\Application Data\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Documents and Settings\Presenter\Local Settings\Application Data\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{E69341A3-E6D2-4175-B60C-C9D3D6FA40F6}\localserver32 -> C:\Documents and Settings\Presenter\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Documents and Settings\Presenter\Local Settings\Application Data\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Presenter\Application Data\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Presenter\Application Data\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Presenter\Application Data\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Presenter\Application Data\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3866077675-454247996-117300071-1006_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> No File Path
==================== Restore Points =========================
Could not list Restore Points. Check "winmgmt" service or repair WMI.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2008-04-14 07:00 - 2013-01-23 12:04 - 00000027 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3866077675-454247996-117300071-1006Core.job => C:\Documents and Settings\Presenter\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3866077675-454247996-117300071-1006UA.job => C:\Documents and Settings\Presenter\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{DC2ABE27-FEA3-4C83-AFF4-55B4F05FBEF4}.job => C:\WINDOWS\system32\msfeedssync.exe
==================== Loaded Modules (whitelisted) =============
2014-10-24 17:43 - 2014-10-06 17:43 - 00775400 _____ () C:\Program Files\Emsisoft Anti-Malware\fw32.dll
2009-02-27 05:51 - 2009-02-27 05:51 - 00200704 ____N () C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-05-06 12:07 - 2011-05-06 12:07 - 00460144 ____N () C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
2010-10-25 23:06 - 2010-10-25 23:06 - 02248704 ____N () C:\Program Files\Flip Video\FlipShare\QtCore4.dll
2011-05-06 12:07 - 2011-05-06 12:07 - 04317184 ____N () C:\Program Files\Flip Video\FlipShare\Core.dll
2011-05-06 12:02 - 2011-05-06 12:02 - 00737280 ____N () C:\Program Files\Flip Video\FlipShare\qca2.dll
2010-10-25 23:23 - 2010-10-25 23:23 - 08351744 ____N () C:\Program Files\Flip Video\FlipShare\QtGui4.dll
2010-10-25 23:08 - 2010-10-25 23:08 - 00983040 ____N () C:\Program Files\Flip Video\FlipShare\QtNetwork4.dll
2010-10-25 23:23 - 2010-10-25 23:23 - 00204800 ____N () C:\Program Files\Flip Video\FlipShare\QtSql4.dll
2010-10-25 23:06 - 2010-10-25 23:06 - 00364544 ____N () C:\Program Files\Flip Video\FlipShare\QtXml4.dll
2010-10-26 07:34 - 2010-10-26 07:34 - 11853824 ____N () C:\Program Files\Flip Video\FlipShare\QtWebKit4.dll
2010-10-25 23:37 - 2010-10-25 23:37 - 00258048 ____N () C:\Program Files\Flip Video\FlipShare\phonon4.dll
2010-05-20 12:49 - 2010-05-20 12:49 - 00258048 ____N () C:\Program Files\Flip Video\FlipShare\boost_serialization-vc80-mt-1_43.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 01199104 ____N () C:\Program Files\Flip Video\FlipShare\PocoFoundation.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00642048 ____N () C:\Program Files\Flip Video\FlipShare\PocoNet.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00511488 ____N () C:\Program Files\Flip Video\FlipShare\PocoXML.dll
2014-05-29 01:47 - 2014-05-29 01:47 - 00018616 _____ () C:\Program Files\Anvisoft\Cloud System Booster\Public.dll
2013-11-27 04:33 - 2013-11-27 04:33 - 00156344 _____ () C:\Program Files\Anvisoft\Cloud System Booster\ui.dll
2013-11-27 04:33 - 2013-11-27 04:33 - 00090808 _____ () C:\Program Files\Anvisoft\Cloud System Booster\libglognc.dll
2014-05-29 01:47 - 2014-05-29 01:47 - 00028856 _____ () C:\Program Files\Anvisoft\Cloud System Booster\extentions\TestExtention.dll
2011-05-06 11:58 - 2011-05-06 11:58 - 01085440 ____N () C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe
2010-10-25 23:06 - 2010-10-25 23:06 - 02248704 ____N () C:\Program Files\Flip Video\FlipShareServer\QtCore4.dll
2010-10-25 23:08 - 2010-10-25 23:08 - 00983040 ____N () C:\Program Files\Flip Video\FlipShareServer\QtNetwork4.dll
2010-10-25 23:23 - 2010-10-25 23:23 - 00204800 ____N () C:\Program Files\Flip Video\FlipShareServer\QtSql4.dll
2010-05-20 12:49 - 2010-05-20 12:49 - 00258048 ____N () C:\Program Files\Flip Video\FlipShareServer\boost_serialization-vc80-mt-1_43.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 01199104 ____N () C:\Program Files\Flip Video\FlipShareServer\PocoFoundation.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00642048 ____N () C:\Program Files\Flip Video\FlipShareServer\PocoNet.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00175616 ____N () C:\Program Files\Flip Video\FlipShareServer\PocoNetSSL.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00291840 ____N () C:\Program Files\Flip Video\FlipShareServer\PocoUtil.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00511488 ____N () C:\Program Files\Flip Video\FlipShareServer\PocoXML.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00110592 ____N () C:\Program Files\Flip Video\FlipShareServer\PocoCrypto.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot => "AlternateShell"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk => C:\WINDOWS\pss\Bluetooth.lnkCommon Startup
MSCONFIG\startupreg: InstaLAN => "C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
========================= Accounts: ==========================
Administrator (S-1-5-21-3866077675-454247996-117300071-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-3866077675-454247996-117300071-1004 - Limited - Enabled)
Guest (S-1-5-21-3866077675-454247996-117300071-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-3866077675-454247996-117300071-1005 - Limited - Disabled)
Presenter (S-1-5-21-3866077675-454247996-117300071-1006 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Presenter
SUPPORT_388945a0 (S-1-5-21-3866077675-454247996-117300071-1002 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
Could not list Devices. Check "winmgmt" service or repair WMI.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/17/2014 11:39:13 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <
http://www.download....authrootseq.txt> with error: The server name or address could not be resolved
Error: (12/17/2014 08:32:34 AM) (Source: crypt32) (EventID: 8) (User: )
Error: (12/17/2014 08:32:34 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <
http://www.download....authrootseq.txt> with error: The server name or address could not be resolved
Error: (12/17/2014 08:32:32 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <
http://www.download....authrootseq.txt> with error: The server name or address could not be resolved
Error: (12/17/2014 08:32:20 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <
http://www.download....authrootseq.txt> with error: The server name or address could not be resolved
Error: (12/17/2014 08:32:20 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <
http://www.download....authrootseq.txt> with error: The server name or address could not be resolved
Error: (12/08/2014 08:16:11 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <
http://www.download....authrootseq.txt> with error: The server name or address could not be resolved
Error: (12/08/2014 08:16:11 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <
http://www.download....authrootseq.txt> with error: The server name or address could not be resolved
Error: (12/08/2014 09:01:08 AM) (Source: crypt32) (EventID: 8) (User: )
Error: (12/08/2014 09:01:08 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <
http://www.download....authrootseq.txt> with error: The server name or address could not be resolved
System errors:
=============
Error: (12/17/2014 00:00:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%1053
Error: (12/17/2014 00:00:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.
Error: (12/17/2014 08:39:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%1053
Error: (12/17/2014 08:39:33 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.
Error: (12/16/2014 11:22:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%1053
Error: (12/16/2014 11:22:29 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.
Error: (12/08/2014 08:28:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%1053
Error: (12/08/2014 08:28:32 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.
Error: (12/06/2014 09:41:34 PM) (Source: Windows Update Agent) (EventID: 16) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.
Error: (11/14/2014 09:33:06 PM) (Source: W32Time) (EventID: 29) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Intel® Core2 Duo CPU T9600 @ 2.80GHz
Percentage of memory in use: 36%
Total physical RAM: 3067.19 MB
Available physical RAM: 1934.83 MB
Total Pagefile: 4952.76 MB
Available Pagefile: 3835.9 MB
Total Virtual: 2047.88 MB
Available Virtual: 1925.63 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:298.08 GB) (Free:124.76 GB) NTFS ==>[Drive with boot components (Windows XP)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 71837183)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Edited by Warden, 17 December 2014 - 11:05 AM.