Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Slow PC, Fan goes on and off, always says "Waiting for Cache"

Started by traunt53 , Jan 28 2015 05:09 PM

windows 7 cache fan malware not responding multiple chrome.exe 32 fan on and off

Please log in to reply

#16
traunt53

Posted 30 January 2015 - 10:35 PM

Member

Topic Starter
Member
45 posts

Just did the reboot. Seemed slower than ever. I will continue with the rest now. (Thanks for the help so far by the way!)

Just an FYI, not sure if this matters but every time I restart the PC it says "Could not reconnect to all drivers" on the bottom right.

#17
traunt53

Posted 30 January 2015 - 10:50 PM

Member

Topic Starter
Member
45 posts

So where you said: (This will check your critical system files. Does this finish without complaint? IF it says it couldn't fix everything then:

Copy the next two lines:

findstr /c:"[SR]" \windows\logs\cbs\cbs.log > \windows\logs\cbs\junk.txt

notepad \windows\logs\cbs\junk.txt

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Right click and Paste or Edit then Paste and the copied line should appear.

Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)

Should I still do what you put below this part above if it says it could fix it? Or is the rest of your post only if it says it couldn't fix?

#18
traunt53

Posted 30 January 2015 - 11:05 PM

Member

Topic Starter
Member
45 posts

Ill do the rest now:

C:\Windows\system32>sfc /scannow

Beginning system scan. This process will take some time.

Beginning verification phase of system scan.

Verification 100% complete.

Windows Resource Protection did not find any integrity violations.

C:\Windows\system32>

#19
traunt53

Posted 30 January 2015 - 11:09 PM

Member

Topic Starter
Member
45 posts

Number of events:

Vino's Event Viewer v01c run on Windows 2008 in English

Report run at 31/01/2015 12:08:14 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'System' Log - Critical Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'System' Log - Error Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'System' Date/Time: 31/01/2015 4:34:20 AM

Type: Error Category: 0

Event: 7000 Source: Service Control Manager

The Google Update Service (gupdate) service failed to start due to the following error: The system cannot find the file specified.

Log: 'System' Date/Time: 31/01/2015 4:33:41 AM

Type: Error Category: 0

Event: 7011 Source: Service Control Manager

A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.

Log: 'System' Date/Time: 31/01/2015 4:30:22 AM

Type: Error Category: 0

Event: 7000 Source: Service Control Manager

The Garmin Core Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 31/01/2015 4:30:22 AM

Type: Error Category: 0

Event: 7009 Source: Service Control Manager

A timeout was reached (30000 milliseconds) while waiting for the Garmin Core Update Service service to connect.

Log: 'System' Date/Time: 31/01/2015 4:29:52 AM

Type: Error Category: 0

Event: 7000 Source: Service Control Manager

The Freemake Improver service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 31/01/2015 4:29:52 AM

Type: Error Category: 0

Event: 7009 Source: Service Control Manager

A timeout was reached (30000 milliseconds) while waiting for the Freemake Improver service to connect.

Log: 'System' Date/Time: 31/01/2015 4:29:15 AM

Type: Error Category: 0

Event: 7000 Source: Service Control Manager

The DgiVecp service failed to start due to the following error: The system cannot find the device specified.

Log: 'System' Date/Time: 31/01/2015 4:27:47 AM

Type: Error Category: 0

Event: 10010 Source: Microsoft-Windows-DistributedCOM

The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'System' Log - Warning Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'System' Date/Time: 31/01/2015 4:53:13 AM

Type: Warning Category: 7

Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power

The speed of processor 0 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 4 seconds since the last report.

Log: 'System' Date/Time: 31/01/2015 4:53:13 AM

Type: Warning Category: 7

Event: 37 Source: Microsoft-Windows-Kernel-Processor-Power

The speed of processor 1 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 4 seconds since the last report.

Log: 'System' Date/Time: 31/01/2015 4:28:44 AM

Type: Warning Category: 0

Event: 1 Source: RTL8167

Realtek PCIe GBE Family Controller is disconnected from network.

Log: 'System' Date/Time: 31/01/2015 4:28:05 AM

Type: Warning Category: 0

Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig

WLAN AutoConfig service has successfully stopped.

#20
traunt53

Posted 30 January 2015 - 11:12 PM

Member

Topic Starter
Member
45 posts

application:

Vino's Event Viewer v01c run on Windows 2008 in English

Report run at 31/01/2015 12:11:21 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'Application' Log - Critical Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'Application' Log - Error Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log: 'Application' Date/Time: 31/01/2015 4:36:39 AM

Type: Error Category: 0

Event: 35 Source: SideBySide

Activation context generation failed for "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity found in manifest does not match the identity of the component requested. Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use sxstrace.exe for detailed diagnosis.

Log: 'Application' Date/Time: 31/01/2015 4:36:39 AM

Type: Error Category: 0

Event: 35 Source: SideBySide

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

'Application' Log - Warning Type

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#21
traunt53

Posted 30 January 2015 - 11:19 PM

Member

Topic Starter
Member
45 posts

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer

SacReminder.exe 49.09 7,948 K 16,588 K 3124 Clickfree Reminder Storage Appliance Corp. (Verified) Storage Appliance Corporation

System Idle Process 41.29 0 K 24 K 0

IAANTmon.exe 2,444 K 6,608 K 4160 RAID Monitor Intel Corporation (Verified) Intel Corporation

procexp64.exe 4.96 35,880 K 49,740 K 5264 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Sysinternals

Interrupts 0.78 0 K 0 K n/a Hardware Interrupts and DPCs

dwm.exe 0.46 58,000 K 47,548 K 2852 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows

avgui.exe 0.42 20,488 K 44,028 K 3828 AVG User Interface AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ

SynTPEnh.exe 1.04 8,352 K 13,552 K 2996 Synaptics TouchPad Enhancements Synaptics Incorporated (Verified) Microsoft Windows Hardware Compatibility Publisher

System 0.45 452 K 1,236 K 4

csrss.exe 0.25 3,532 K 23,768 K 760 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows

explorer.exe 0.09 38,740 K 62,436 K 2860 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows

AppleMobileDeviceService.exe 0.04 3,048 K 9,404 K 1820 MobileDeviceService Apple Inc. (Verified) Apple Inc.

chrome.exe 0.44 65,556 K 99,532 K 2200 Google Chrome Google Inc. (Verified) Google Inc

offSyncService.exe 0.02 1,312 K 4,292 K 1144 Online Storage File Backup Starfield Technologies (Verified) Starfield Technologies

chrome.exe 0.02 49,156 K 54,136 K 5156 Google Chrome Google Inc. (Verified) Google Inc

services.exe 0.01 6,400 K 10,032 K 852 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows

spoolsv.exe < 0.01 9,384 K 17,084 K 1672 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows

CCleaner64.exe 0.01 8,380 K 1,480 K 5784 CCleaner Piriform Ltd (Verified) Piriform Ltd

DellSystemDetect.exe 0.01 23,772 K 31,792 K 4032 Dell System Detect Dell (Certificate expired) Dell

avgwdsvc.exe 0.16 10,124 K 21,244 K 1872 AVG Watchdog Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ

SacNetAgent.exe 2,776 K 6,096 K 3700 Clickfree Network Agent Storage Appliance Corporation (Verified) Storage Appliance Corporation

pbbtnService.exe < 0.01 2,384 K 6,148 K 2888 PasswordBox Service PasswordBox, Inc. (No signature was present in the subject) PasswordBox, Inc.

svchost.exe < 0.01 4,116 K 8,948 K 968 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

chrome.exe 73,284 K 76,680 K 5332 Google Chrome Google Inc. (Verified) Google Inc

taskhost.exe < 0.01 7,708 K 11,692 K 2332 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows

svchost.exe < 0.01 24,132 K 39,924 K 1092 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

avgidsagent.exe < 0.01 16,828 K 30,736 K 1840 AVG Identity Protection Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ

svchost.exe 0.01 9,464 K 16,840 K 1064 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe < 0.01 14,148 K 15,380 K 1540 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe < 0.01 6,956 K 13,200 K 1992 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 0.38 142,132 K 150,372 K 1040 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

stacsv64.exe < 0.01 12,964 K 8,576 K 1124 IDT PC Audio IDT, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher

BTHSAmpPalService.exe < 0.01 1,840 K 4,412 K 5096 Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter Intel Corporation (Verified) Intel Corporation-Mobile Wireless Group

ZeroConfigService.exe < 0.01 6,124 K 14,556 K 1532 Intel® PROSet/Wireless Zero Configure Service Intel® Corporation (Verified) Intel Corporation-Mobile Wireless Group

workspaceupdate.exe 2,264 K 7,400 K 3132 Workspace Updater Starfield Technologies (Verified) Starfield Technologies

wmpnetwk.exe 0.01 15,340 K 14,524 K 4344 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows

WmiPrvSE.exe 4,672 K 10,872 K 5016 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows

winlogon.exe < 0.01 2,932 K 7,528 K 804 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows

wininit.exe 1,484 K 4,412 K 748 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows

unsecapp.exe 1,804 K 5,260 K 4832 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows

UACProxy.exe 940 K 3,204 K 1912 Clickfree Backup Storage Appliance Corp. (Verified) Storage Appliance Corporation

SynTPHelper.exe 1,484 K 3,800 K 5004 Synaptics Pointing Device Helper Synaptics Incorporated (Verified) Microsoft Windows Hardware Compatibility Publisher

svchost.exe < 0.01 15,076 K 16,236 K 1708 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 4,812 K 8,512 K 420 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 0.01 26,900 K 23,776 K 684 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 4,804 K 11,832 K 5732 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 2,456 K 5,496 K 1408 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 3,084 K 7,804 K 3320 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 1,472 K 3,920 K 3792 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 1,488 K 3,956 K 4064 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

svchost.exe 4,388 K 8,996 K 1832 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows

sttray64.exe 7,488 K 16,620 K 3020 IDT PC Audio IDT, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher

smss.exe 452 K 1,096 K 320 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows

sidebar.exe 19,776 K 47,168 K 1508 Windows Desktop Gadgets Microsoft Corporation (Verified) Microsoft Windows

SearchIndexer.exe 35,000 K 14,924 K 4328 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows

rundll32.exe 6,412 K 5,964 K 1328 Windows host process (Rundll32) Microsoft Corporation (Verified) Microsoft Windows

RegSrvc.exe 2,520 K 7,604 K 3392 Intel® PROSet/Wireless Registry Service Intel® Corporation (Verified) Intel Corporation-Mobile Wireless Group

realsched.exe 2,460 K 708 K 3716 RealNetworks Scheduler RealNetworks, Inc. (Verified) RealNetworks

quickset.exe 8,016 K 10,564 K 3056 QuickSet Dell Inc. (Certificate expired) Dell Inc.

procexp.exe 3,012 K 7,236 K 1232 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation

PDVDDXSrv.exe 4,300 K 8,888 K 3652 CyberLink PowerDVD Resident Program CyberLink Corp. (Verified) CyberLink

o2flash.exe 1,404 K 3,912 K 3732 O2 Flash Memory Service O2Micro International (Verified) Microsoft Windows Hardware Compatibility Publisher

mDNSResponder.exe 2,228 K 5,624 K 1892 Bonjour Service Apple Inc. (Verified) Apple Inc.

lsm.exe 2,476 K 4,168 K 880 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows

lsass.exe 6,000 K 13,748 K 860 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows

igfxtray.exe 2,604 K 6,804 K 2244 igfxTray Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher

igfxpers.exe 2,488 K 6,984 K 2384 persistence Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher

iCloudServices.exe 4,428 K 15,568 K 3116 iCloud Apple Inc. (Verified) Apple Inc.

IAAnotif.exe 2,436 K 7,392 K 2108 Event Monitor User Notification Tool Intel Corporation (Verified) Intel Corporation

hkcmd.exe 3,292 K 10,348 K 2344 hkcmd Module Intel Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher

EvtEng.exe < 0.01 4,828 K 11,460 K 2040 Intel® PROSet/Wireless Event Log Service Intel® Corporation (Verified) Intel Corporation-Mobile Wireless Group

DockLogin.exe 1,108 K 3,932 K 1488 Dock Login Service Stardock Corporation (No signature was present in the subject) Stardock Corporation

dllhost.exe 2,312 K 6,152 K 4572 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows

ctfmon.exe 2,224 K 4,604 K 2484 CTF Loader Microsoft Corporation (Verified) Microsoft Windows

CTAudSvc.exe 1,328 K 4,276 K 1284 Creative Audio Service Creative Technology Ltd (No signature was present in the subject) Creative Technology Ltd

csrss.exe < 0.01 2,068 K 4,416 K 700 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows

chrome.exe 73,932 K 63,152 K 4372 Google Chrome Google Inc. (Verified) Google Inc

chrome.exe 95,688 K 97,284 K 3160 Google Chrome Google Inc. (Verified) Google Inc

BTHSSecurityMgr.exe 3,520 K 8,168 K 1616 Intel® BlueTooth® HS Security Manager Service Intel® Corporation (Verified) Intel Corporation-Mobile Wireless Group

avgrsa.exe < 0.01 18,592 K 33,488 K 428 AVG Resident Shield Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ

avgnsa.exe 6,692 K 13,844 K 2504 AVG Online Shield Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ

avgemca.exe 2,068 K 6,860 K 2512 AVG E-mail Scanner AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ

avgcsrva.exe 15,312 K 139,328 K 460 AVG Scanning Core Module - Server Part AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ

audiodg.exe 17,216 K 17,228 K 3444 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows

armsvc.exe 1,144 K 3,840 K 1796 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems

AdobeARM.exe 3,940 K 12,628 K 3708 Adobe Reader and Acrobat Manager Adobe Systems Incorporated (Verified) Adobe Systems

#22
RKinner

Posted 31 January 2015 - 07:37 AM

Malware Expert

Expert
24,625 posts

Clear the Java Cache by following the instructions on
http://www.java.com/...lugin_cache.xml

You do not have the latest Java.
First go into Control Panel, Add/Remove Software (XP) or Programs and Features (Vista/Win 7) and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
I see:
Java 7 Update 71
Java™ 7 Update 1
JavaFX 2.1.0

Java has been very vulnerable to infection so unless you absolutely need it you should not reinstall it.

If you feel you must have Java:
Get the latest Java at:
http://www.java.com/en/

Save it to your PC then close all browsers and install it. Do not let it install the yahoo toolbar or other foistware.
Once installed, go into Control Panel, Java, Security and set the slider to the Highest then OK.

(If you also want the 64 bit version then use the 64 bit version of IE to get it.)

#23
RKinner

Posted 31 January 2015 - 08:16 AM

Malware Expert

Expert
24,625 posts

In addition to my previous post on removing Java: I think you have found the culprit in your last Process Explorer log.

SacReminder.exe 49.09

It's using almost 50% of your CPU.

This is part of some backup software called Click Free that probably came with an external hard drive. If the hard drive is no longer there it may be searching for it. I do not see an uninstaller for it so I would be inclined to treat it as a virus and use FRST to remove it along with the google updates that are broken.

If you don't use Windows Live you should uninstall it as it is also broken. IF you do use it you still need to uninstall it then get the latest version and reinstall.

Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.

Download the attached fixlist.txt to the same location as FRST
Run FRST and press Fix
A fix log will be generated please post that. Run FRST again, check the Additions box and then Scan. You will get two logs. Post them both.

#24
traunt53

Posted 31 January 2015 - 10:41 AM

Member

Topic Starter
Member
45 posts

I uninstalled the 3 Java components I found. Only ones I found were the three you saw. What do I need Java for? I have never known. Some times it pops up and says I need it though.

There was a runtime that said microsoft on it so I kept that.

#25
traunt53

Posted 31 January 2015 - 10:44 AM

Member

Topic Starter
Member
45 posts

OK I am about to do post #23 but the clickfree is my backup external hard drive. It is only connected when I back up my PC which I recently did a couple times because I wanted to make sure if this thing crashes that I am OK.

You said: "SacReminder.exe 49.09

It's using almost 50% of your CPU." Is there a way to get rid of this?

#26
traunt53

Posted 31 January 2015 - 10:48 AM

Member

Topic Starter
Member
45 posts

I'm not sure about windows live. The only thing I see that I may use is photo gallery. As long as that doesn't delete all my photos, I am fine dumping all of windows live

#27
traunt53

Posted 31 January 2015 - 11:06 AM

Member

Topic Starter
Member
45 posts

OK, So I ran FRST - AVG tried to protect against it but I declined it's help and said it was safe. Then the PC restarted. (When it came back on it said could not connect to all drivers like it always does) then the report popped up:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-01-2015 01

Ran by Trent at 2015-01-31 11:57:14 Run:2

Running from C:\Users\Trent\Downloads

Loaded Profiles: Trent & Guest (Available profiles: Trent & Guest)

Boot Mode: Normal

==============================================

Content of fixlist:

*****************

HKU\S-1-5-21-4108897128-1100751025-739537080-1001\...\Run: [SacReminderHDDV2N] => C:\ProgramData\OfficeGuardianV2N\reminder\SacReminder.exe [862032 2011-07-08] (Storage Appliance Corp.)

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File

R2 CFUACProxy_officeguardianv2n; C:\ProgramData\OfficeGuardianV2N\UACProxy.exe [83792 2011-07-08] (Storage Appliance Corp.)

R2 SacNetAgentService_C57C4F854F53; C:\ProgramData\OfficeGuardianV2N\Reminder\SacNetAgent.exe [163664 2011-07-08] (Storage Appliance Corporation)

S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]

S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

S3 gusvc; "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" [X]

S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-25] (Samsung Electronics Co., Ltd.)

Task: {221AF5CF-A07A-42D6-9FAD-22AAFEAE7F25} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: {445FFF10-1C66-401C-A869-2F02DCE66E75} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: {5A673285-99FD-40A3-8911-920D35E88520} - System32\Tasks\{265DECF1-1602-451F-988D-B1F65B87CC09} => pcalua.exe -a "C:\Program Files (x86)\McAfee\MSC\mcuninst.exe"

Task: {BA9DA709-D3E7-49E0-9486-423EDC1EA870} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4108897128-1100751025-739537080-1001UA => C:\Users\Trent\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)

Task: {C96B11BA-3BA5-4493-96B5-4C249CABB0E1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4108897128-1100751025-739537080-1001Core => C:\Users\Trent\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)

Task: {DD3039BE-D7EA-4560-880D-860B6E9CC047} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe

Task: {FCDDF25D-F31E-41FE-91F4-7E5911BE3CC5} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-08-07] ()

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4108897128-1100751025-739537080-1001Core.job => C:\Users\Trent\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4108897128-1100751025-739537080-1001UA.job => C:\Users\Trent\AppData\Local\Google\Update\GoogleUpdate.exe

Task: {67BF9A55-EFC9-4F1B-85CB-8525B7213104} - System32\Tasks\{7F92AA7A-B302-42DB-AD31-87D05CE5EE6A} => pcalua.exe -a D:\Setup.exe -d D:\

CustomCLSID: HKU\S-1-5-21-4108897128-1100751025-739537080-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Trent\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-4108897128-1100751025-739537080-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Trent\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)

C:\ProgramData\OfficeGuardianV2N

*****************

HKU\S-1-5-21-4108897128-1100751025-739537080-1001\Software\Microsoft\Windows\CurrentVersion\Run\\SacReminderHDDV2N => value deleted successfully.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found.

"HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key deleted successfully.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value deleted successfully.

"HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key deleted successfully.

"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3" => Key deleted successfully.

"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9" => Key deleted successfully.

CFUACProxy_officeguardianv2n => Service stopped successfully.

CFUACProxy_officeguardianv2n => Service deleted successfully.

SacNetAgentService_C57C4F854F53 => Service stopped successfully.

SacNetAgentService_C57C4F854F53 => Service deleted successfully.

gupdate => Service deleted successfully.

gupdatem => Service deleted successfully.

gusvc => Service deleted successfully.

DgiVecp => Service deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{221AF5CF-A07A-42D6-9FAD-22AAFEAE7F25}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{221AF5CF-A07A-42D6-9FAD-22AAFEAE7F25}" => Key deleted successfully.

C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{445FFF10-1C66-401C-A869-2F02DCE66E75}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{445FFF10-1C66-401C-A869-2F02DCE66E75}" => Key deleted successfully.

C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A673285-99FD-40A3-8911-920D35E88520}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A673285-99FD-40A3-8911-920D35E88520}" => Key deleted successfully.

C:\Windows\System32\Tasks\{265DECF1-1602-451F-988D-B1F65B87CC09} => Moved successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{265DECF1-1602-451F-988D-B1F65B87CC09}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BA9DA709-D3E7-49E0-9486-423EDC1EA870}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA9DA709-D3E7-49E0-9486-423EDC1EA870}" => Key deleted successfully.

C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4108897128-1100751025-739537080-1001UA => Moved successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-4108897128-1100751025-739537080-1001UA" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C96B11BA-3BA5-4493-96B5-4C249CABB0E1}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C96B11BA-3BA5-4493-96B5-4C249CABB0E1}" => Key deleted successfully.

C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4108897128-1100751025-739537080-1001Core => Moved successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-4108897128-1100751025-739537080-1001Core" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DD3039BE-D7EA-4560-880D-860B6E9CC047}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD3039BE-D7EA-4560-880D-860B6E9CC047}" => Key deleted successfully.

C:\Windows\System32\Tasks\SystemToolsDailyTest => Moved successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SystemToolsDailyTest" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FCDDF25D-F31E-41FE-91F4-7E5911BE3CC5}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCDDF25D-F31E-41FE-91F4-7E5911BE3CC5}" => Key deleted successfully.

C:\Windows\System32\Tasks\GarminUpdaterTask => Moved successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GarminUpdaterTask" => Key deleted successfully.

C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.

C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.

C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4108897128-1100751025-739537080-1001Core.job => Moved successfully.

C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4108897128-1100751025-739537080-1001UA.job => Moved successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{67BF9A55-EFC9-4F1B-85CB-8525B7213104}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67BF9A55-EFC9-4F1B-85CB-8525B7213104}" => Key deleted successfully.

C:\Windows\System32\Tasks\{7F92AA7A-B302-42DB-AD31-87D05CE5EE6A} => Moved successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7F92AA7A-B302-42DB-AD31-87D05CE5EE6A}" => Key deleted successfully.

"HKU\S-1-5-21-4108897128-1100751025-739537080-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}" => Key deleted successfully.

"HKU\S-1-5-21-4108897128-1100751025-739537080-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}" => Key deleted successfully.

"C:\ProgramData\OfficeGuardianV2N" directory move:

C:\ProgramData\OfficeGuardianV2N\1530Class.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\adv.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\BacklinkedAbout.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\BacklinkedAbout.mht => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\BacklinkedAboutFR.mht => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\BacklinkedAboutGR.mht => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\BacklinkedAboutJP.mht => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\Base64.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\ChineseSimplifiedResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\ChineseTraditionalResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\clickfree.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\ClickFree.ico => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\ClickfreeSet.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\clickfree_crafter.skf => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\clickfree_vertical.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\CopyLock.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\CopyLock64.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\CountDownForKeyAboutGR.mht => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DanishResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\devutil.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DisconnectAbout.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DisconnectAbout.mht => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DisconnectAboutFR.mht => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DisconnectAboutGR.mht => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DisconnectAboutJP.mht => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DutchResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\EULA_DA.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\EULA_EN.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\EULA_FI.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\EULA_FR.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\EULA_GR.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\EULA_IT.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\EULA_JP.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\EULA_NL.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\EULA_NW.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\EULA_PR.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\EULA_RU.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\EULA_SC.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\EULA_SP.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\EULA_SV.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\Express32File.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\Express64File.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\FinnishResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\FixMyClickFreeBackup.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\folders.lst => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\folders.lst.out => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\FrenchResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\Gadget.log => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\gadget.skf => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\gdiplus.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\GermanResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\GUISettings.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\GUISettingsCS.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\GUISettingsDA.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\GUISettingsDT.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\GUISettingsEN.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\GUISettingsFI.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\GUISettingsFR.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\GUISettingsGR.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\GUISettingsIT.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\GUISettingsJP.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\GUISettingsKR.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\GUISettingsNW.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\GUISettingsPR.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\GUISettingsRU.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\GUISettingsSP.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\GUISettingsSV.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\HDDUtility.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\h_banner_cancel_EN.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\h_banner_CS.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\h_banner_DA.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\h_banner_DT.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\h_banner_EN.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\h_banner_FR.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\h_banner_GR.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\h_banner_IT.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\h_banner_JP.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\h_banner_NW.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\h_banner_PR.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\h_banner_SP.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iCommon.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\InstallGadget.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\ItalianResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iWNASPI32.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\JapaneseResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\KoreanResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\LanguageSettings.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\LocalHelp.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\LocalHelp.mht => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\LocalHelpFR.mht => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\LocalHelpGR.mht => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\LocalHelpJP.mht => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\mb_email.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\mb_email2000.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\mb_email64.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\Misc.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\NonAdminProxy.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\NorwegianResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\ntrights.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\NUDiskDll20.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\OEProxy64.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\OfficeGuardian.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\OGCleaner.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\OutLook2K.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\OutlookHelper.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\OutlookHelper64.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\OutlookProfile.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\OutlookProfile64.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\PartitionHDD.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\PortugueseResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\PrivilegeRestore.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\RCOG.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\RCopySys.sys => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\RemoteCopyDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\RemoteHelp.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\RemoteHelp.mht => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\RemoteHelpFR.mht => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\RemoteHelpGR.mht => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\RemoteHelpJP.mht => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\ResourceDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\RestoreAbout.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\RestoreAbout_CS.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\RestoreAbout_DA.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\RestoreAbout_DT.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\RestoreAbout_FI.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\RestoreAbout_FR.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\RestoreAbout_GR.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\RestoreAbout_IT.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\RestoreAbout_JP.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\RestoreAbout_KR.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\RestoreAbout_NW.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\RestoreAbout_PR.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\RestoreAbout_RU.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\RestoreAbout_SP.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\RestoreAbout_SV.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\rollback.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\RussianResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\SacNetAgent.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\SacReminder.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\SACUpdater.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\ScheduleAbout.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\ScheduleAbout.mht => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\ScheduleAboutFR.mht => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\ScheduleAboutGR.mht => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\ScheduleAboutJP.mht => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\Settings.ini => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\ShLog.txt => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\SkinCrafterDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\SNDEV.txt => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\SoftwareSetting.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\SpanishResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\SPTIASPI.DLL => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\StatusViewAbout.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\StatusViewAbout.mht => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\StatusViewAboutFR.mht => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\StatusViewAboutGR.mht => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\StatusViewAboutJP.mht => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\SwedishResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\UACExe.Info => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\UACProxy.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\uDiskDLL.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\UndoUacProxy.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\VSSDllVista.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\VSSDllXp.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\v_banner_CS.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\v_banner_DA.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\v_banner_DT.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\v_banner_EN.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\v_banner_FI.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\v_banner_FR.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\v_banner_GR.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\v_banner_IT.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\v_banner_JP.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\v_banner_KR.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\v_banner_NW.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\v_banner_PR.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\v_banner_RU.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\v_banner_SP.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\v_banner_SV.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\welcomeimage_3.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\WLMailProfile.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\work.dat => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\xcacls.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\Reminder\1530Class.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\Reminder\devutil.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\Reminder\gadget.skf => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\Reminder\gdiplus.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\Reminder\iCommon.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\Reminder\iWNASPI32.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\Reminder\NUDiskDll20.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\Reminder\SacNetAgent.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\Reminder\SacNetAgent.ini => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\Reminder\SacNetAgent.log => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\Reminder\SacReminder.exe => Moved successfully.

Could not move "C:\ProgramData\OfficeGuardianV2N\Reminder\SacReminder.log" => Scheduled to move on reboot.

C:\ProgramData\OfficeGuardianV2N\Reminder\SkinCrafterDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\Reminder\SPTIASPI.DLL => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\clickfree_crafter.skf => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\gdiplus.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\icu.net.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\IPhoneConnector.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\iPodMusicImporter.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Microsoft.VC80.CRT.manifest => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\msvcm80.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\msvcp80.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\msvcr80.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\PodWrapper.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\SharePodLib.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\SkinCrafterDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\sqlite3.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\System.Data.SQLite.DLL => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\zlib.net.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\ChineseSimplifiedResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\DanishResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\DutchResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\FinnishResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\FrenchResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\GermanResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\GUISettingsCS.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\GUISettingsDA.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\GUISettingsDT.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\GUISettingsEN.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\GUISettingsFI.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\GUISettingsFR.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\GUISettingsGR.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\GUISettingsIT.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\GUISettingsJP.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\GUISettingsKR.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\GUISettingsNW.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\GUISettingsPR.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\GUISettingsRU.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\GUISettingsSP.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\GUISettingsSV.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\h_banner_CS.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\h_banner_DA.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\h_banner_DT.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\h_banner_EN.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\h_banner_FR.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\h_banner_GR.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\h_banner_IT.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\h_banner_NW.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\h_banner_PR.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\h_banner_SP.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\ItalianResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\JapaneseResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\KoreanResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\LanguageSettings.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\NorwegianResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\PortugueseResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\ResourceDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\RussianResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\SpanishResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\SwedishResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\v_banner_CS.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\v_banner_DA.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\v_banner_DT.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\v_banner_EN.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\v_banner_FR.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\v_banner_GR.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\v_banner_IT.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\v_banner_NW.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\v_banner_PR.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\iPodMusicImporter\Resource\v_banner_SP.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Autorun.inf => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\StartClickFreeBackup.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\1530Class.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\adv.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\ChineseSimplifiedResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\ChineseTraditionalResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\Clickfree.ico => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\clickfree_crafter.skf => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\CopyLock.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\CopyLock64.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\DanishResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\devutil.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\Disk_Info => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\DutchResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\EULA_DA.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\EULA_EN.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\EULA_FI.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\EULA_FR.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\EULA_GR.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\EULA_IT.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\EULA_JP.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\EULA_NL.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\EULA_NW.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\EULA_PR.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\EULA_SC.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\EULA_SP.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\EULA_SV.html => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\Express32File.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\Express64File.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\FinnishResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\FixMyClickFreeBackup.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\FrenchResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\gdiplus.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\GermanResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\GUISettings.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\GUISettingsCS.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\GUISettingsDA.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\GUISettingsDT.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\GUISettingsEN.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\GUISettingsFI.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\GUISettingsFR.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\GUISettingsGR.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\GUISettingsIT.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\GUISettingsJP.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\GUISettingsKR.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\GUISettingsNW.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\GUISettingsPR.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\GUISettingsSP.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\GUISettingsSV.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\HDDUtility.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\h_banner_CS.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\h_banner_DA.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\h_banner_DT.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\h_banner_EN.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\h_banner_FI.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\h_banner_FR.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\h_banner_GR.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\h_banner_IT.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\h_banner_JP.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\h_banner_KR.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\h_banner_NW.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\h_banner_PR.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\h_banner_SP.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\h_banner_SV.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\iCommon.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\ItalianResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\iWNASPI32.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\JapaneseResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\KoreanResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\LanguageSettings.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\Misc.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\NorwegianResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\NUDiskDll20.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\OfficeGuardian.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\PortugueseResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\PrivilegeRestore.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\RCopySys.sys => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\RemoteCopyDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\ResourceDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\rollback.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\SACUpdater.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\SkinCrafterDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\SoftwareSetting.xml => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\SpanishResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\SPTIASPI.DLL => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\SwedishResDll.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\UACProxy.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\UndoUacProxy.exe => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\VSSDllVista.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\VSSDllXp.dll => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\v_banner_CS.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\v_banner_DA.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\v_banner_DT.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\v_banner_EN.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\v_banner_FI.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\v_banner_FR.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\v_banner_GR.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\v_banner_IT.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\v_banner_JP.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\v_banner_KR.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\v_banner_NW.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\v_banner_PR.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\v_banner_SP.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\v_banner_SV.gif => Moved successfully.

C:\ProgramData\OfficeGuardianV2N\DVD\Bin\xcacls.exe => Moved successfully.

Could not move "C:\ProgramData\OfficeGuardianV2N" directory. => Scheduled to move on reboot.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-01-31 12:02:31)<=

C:\ProgramData\OfficeGuardianV2N\Reminder\SacReminder.log => Is moved successfully.

C:\ProgramData\OfficeGuardianV2N => Is moved successfully.

==== End of Fixlog 12:02:32 ====

#28
RKinner

Posted 31 January 2015 - 11:10 AM

Malware Expert

Expert
24,625 posts

Lots of better ways to edit photos. Picasa is what I use. I don't see why uninstalling Windows Live show mess with your photes. I assume they are in My Photos or at least one of the folders under Documents and not in some subfolder of windows live..

Since you use this click free thing I would get autoruns from

http://live.sysinter...om/autoruns.exe

Download Save and Run the program by right clicking and Run As Admin.

Then find the things from Storage Appliance and uncheck them. There should be some drivers

CFUACProxy_officeguardianv2n; C:\ProgramData\OfficeGuardianV2N\UACProxy.exe [83792 2011-07-08] (Storage Appliance Corp.)

SacNetAgentService_C57C4F854F53; C:\ProgramData\OfficeGuardianV2N\Reminder\SacNetAgent.exe [163664 2011-07-08] (Storage Appliance Corporation)

a Run entry:

SacReminderHDDV2N] => C:\ProgramData\OfficeGuardianV2N\reminder\SacReminder.exe [862032 2011-07-08] (Storage Appliance Corp.)

and I expect this task:

Task: {67BF9A55-EFC9-4F1B-85CB-8525B7213104} - System32\Tasks\{7F92AA7A-B302-42DB-AD31-87D05CE5EE6A} => pcalua.exe -a D:\Setup.exe -d D:\

is part of it.

You can also uncheck anything you find that is in yellow highlight. That means the file can't be found. Probably some google updates

Close Autoruns.

reboot

run VEW again as before and also Process Explorer. Let's see if that worked.

#29
RKinner

Posted 31 January 2015 - 11:14 AM

Malware Expert

Expert
24,625 posts

Oh well. Guess I didn't reply fast enough. I expect the no click program will reinstall itself when you reconnect the drive.

reboot

run VEW again as before and also Process Explorer. Let's see if that worked.

#30
traunt53

Posted 31 January 2015 - 11:18 AM

Member

Topic Starter
Member
45 posts

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-01-2015 01

Ran by Trent (administrator) on TRENT-PC on 31-01-2015 12:07:36

Running from C:\Users\Trent\Downloads

Loaded Profiles: Trent (Available profiles: Trent & Guest)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Starfield Technologies) C:\Program Files (x86)\Workspace\offSyncService.exe

(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe

(O2Micro International) C:\Windows\System32\drivers\o2flash.exe

(PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\pbbtnService.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Google Inc.) C:\Users\Trent\AppData\Local\Google\Update\GoogleUpdate.exe

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

(Starfield Technologies) C:\Users\Trent\AppData\Local\Workspace\workspaceupdate.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe

(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

(Google Inc.) C:\Users\Trent\AppData\Local\Google\Chrome\Application\chrome.exe

(Dell) C:\Users\Trent\AppData\Local\Apps\2.0\4NCMVPL1.RHM\Z7L5KTHY.536\dell..tion_0f612f649c4a10af_0005.0004_3ddfe37344028d2c\DellSystemDetect.exe

(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe

(Google Inc.) C:\Users\Trent\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1882920 2009-10-29] (Synaptics Incorporated)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [444416 2009-06-29] (IDT, Inc.)

HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3180624 2009-07-02] (Dell Inc.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)

HKLM\...\Run: [RunDLLEntry] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry

HKLM-x32\...\Run: [PDVDDXSrv] => C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [140520 2009-12-29] (CyberLink Corp.)

HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe [241789 2009-05-04] (Creative Technology Ltd)

HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296096 2012-10-09] (RealNetworks, Inc.)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)

HKLM-x32\...\Run: [] => [X]

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-4108897128-1100751025-739537080-1001\...\Run: [Google Update] => C:\Users\Trent\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-20] (Google Inc.)

HKU\S-1-5-21-4108897128-1100751025-739537080-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)

HKU\S-1-5-21-4108897128-1100751025-739537080-1001\...\Run: [DellSystemDetect] => C:\Users\Trent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms

HKU\S-1-5-21-4108897128-1100751025-739537080-1001\...\Run: [GoogleChromeAutoLaunch_D61670D39A2C7C5D474E64BB881C7D23] => C:\Users\Trent\AppData\Local\Google\Chrome\Application\chrome.exe [843592 2015-01-25] (Google Inc.)

HKU\S-1-5-21-4108897128-1100751025-739537080-1001\...\Run: [swg] => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

HKU\S-1-5-21-4108897128-1100751025-739537080-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-07] (Apple Inc.)

HKU\S-1-5-21-4108897128-1100751025-739537080-1001\...\Run: [Starfield Updater] => C:\Users\Trent\AppData\Local\Workspace\workspaceupdate.exe [35008 2015-01-19] (Starfield Technologies)

HKU\S-1-5-21-4108897128-1100751025-739537080-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)

HKU\S-1-5-21-4108897128-1100751025-739537080-1001\...\MountPoints2: {b461b893-73b9-11e1-88d9-0024e8ed7f98} - E:\StartClickFreeBackup.exe

HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk

ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

ShellIconOverlayIdentifiers: [off0] -> {8E33AEC3-C5F2-43C4-B048-9E3EB19B1DD5} => C:\Program Files (x86)\Workspace\offsyncext64.dll (Starfield Technologies, LLC)

ShellIconOverlayIdentifiers: [off1] -> {8E33AEC4-C5F2-43C4-B048-9E3EB19B1DD5} => C:\Program Files (x86)\Workspace\offsyncext64.dll (Starfield Technologies, LLC)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4108897128-1100751025-739537080-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1

HKU\S-1-5-21-4108897128-1100751025-739537080-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://tra.mlxtempo.com/

SearchScopes: HKLM -> {534213C9-51ED-47AA-BD1D-1A46D4164F97} URL = http://www.bing.com/...rc=IE-SearchBox

SearchScopes: HKLM-x32 -> {534213C9-51ED-47AA-BD1D-1A46D4164F97} URL = http://www.bing.com/...rc=IE-SearchBox

SearchScopes: HKU\S-1-5-21-4108897128-1100751025-739537080-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.c...q={searchTerms}

SearchScopes: HKU\S-1-5-21-4108897128-1100751025-739537080-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.c...q={searchTerms}

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File

BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)

BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

BHO-x32: PasswordBox Helper -> {5DB69B97-934B-451D-94DB-32EF802A01CD} -> C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll No File

BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)

DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...rl.cab?lmi=1081

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @java.com/DTPlugin,version=10.4.1 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-4108897128-1100751025-739537080-1001: @nds.com/PCShowPlugin -> C:\Users\Trent\AppData\Local\DIRECTV Player\npPCShowPlugin.dll No File

FF Plugin HKU\S-1-5-21-4108897128-1100751025-739537080-1001: @nds.com/PlayerPlugin -> C:\Users\Trent\AppData\Local\DIRECTV Player\npPlayerPlugin.dll No File

FF Plugin HKU\S-1-5-21-4108897128-1100751025-739537080-1001: @starfield.com/off -> C:\Users\Trent\AppData\Roaming\Mozilla\Plugins\npoff.dll ( Starfield Technologies, LLC.)

FF Plugin HKU\S-1-5-21-4108897128-1100751025-739537080-1001: @starfield.com/off64 -> C:\Users\Trent\AppData\Roaming\Mozilla\Plugins\npoff64.dll ( Starfield Technologies, LLC.)

FF Plugin HKU\S-1-5-21-4108897128-1100751025-739537080-1001: @starfield.com/wbe -> C:\Users\Trent\AppData\Roaming\Mozilla\Plugins\npwbe.dll (Starfield Technology, LLC)

FF Plugin HKU\S-1-5-21-4108897128-1100751025-739537080-1001: @starfield.com/wbe64 -> C:\Users\Trent\AppData\Roaming\Mozilla\Plugins\npwbe64.dll (Starfield Technology, LLC)

FF Plugin HKU\S-1-5-21-4108897128-1100751025-739537080-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Trent\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKU\S-1-5-21-4108897128-1100751025-739537080-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Trent\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin ProgramFiles/Appdata: C:\Users\Trent\AppData\Roaming\mozilla\plugins\npoff.dll ( Starfield Technologies, LLC.)

FF Plugin ProgramFiles/Appdata: C:\Users\Trent\AppData\Roaming\mozilla\plugins\npoff64.dll ( Starfield Technologies, LLC.)

FF Plugin ProgramFiles/Appdata: C:\Users\Trent\AppData\Roaming\mozilla\plugins\npwbe.dll (Starfield Technology, LLC)

FF Plugin ProgramFiles/Appdata: C:\Users\Trent\AppData\Roaming\mozilla\plugins\npwbe64.dll (Starfield Technology, LLC)

FF Extension: WBE Paste - C:\Users\Trent\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\wbepaste@starfield [2015-01-19]

FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-10-09]

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-11-28]

FF HKU\S-1-5-21-4108897128-1100751025-739537080-1001\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:

=======

CHR HomePage: Default -> hxxp://www.google.com/

CHR StartupUrls: Default -> "chrome://speeddial/", "hxxp://search.conduit.com/?ctid=CT3289847&SearchSource=48&CUI=UN20679539459122171&UM=2"

CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}

CHR Profile: C:\Users\Trent\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Docs) - C:\Users\Trent\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-16]

CHR Extension: (Google Drive) - C:\Users\Trent\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-16]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Trent\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]

CHR Extension: (YouTube) - C:\Users\Trent\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-16]

CHR Extension: (Google Search) - C:\Users\Trent\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-16]

CHR Extension: (Speed Dial) - C:\Users\Trent\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi [2015-01-28]

CHR Extension: (Foxtab Speed Dial) - C:\Users\Trent\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp [2015-01-28]

CHR Extension: (Flixster) - C:\Users\Trent\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgbpjlnkjhllfgfdmieompodgaefjcfh [2013-07-02]

CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Trent\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2013-04-16]

CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Trent\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2015-01-28]

CHR Extension: (Google Mail Checker) - C:\Users\Trent\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2013-07-02]

CHR Extension: (Facebook Notifications) - C:\Users\Trent\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo [2013-07-02]

CHR Extension: (Google Wallet) - C:\Users\Trent\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]

CHR Extension: (Gmail) - C:\Users\Trent\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-16]

CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-10-09]

StartMenuInternet: Google Chrome - C:\Users\Trent\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)

S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2012-03-21] (Creative Labs) [File not signed]

S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2012-03-21] (Creative Labs) [File not signed]

R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]

R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]

R2 File Backup; C:\Program Files (x86)\Workspace\offSyncService.exe [697472 2014-10-20] (Starfield Technologies)

R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [96768 2012-06-27] (Freemake) [File not signed]

R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)

R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]

R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-04-18] ()

R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]

R2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2013-11-01] (PasswordBox, Inc.) [File not signed]

R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]

S3 Sound Blaster X-Fi MB Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [79360 2012-03-21] (Creative Labs) [File not signed]

R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe [240128 2009-06-29] (IDT, Inc.)

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3388144 2013-04-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)

R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)

R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)

R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-15] (AVG Technologies)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-31 11:56 - 2015-01-31 11:56 - 00000000 ____D () C:\Users\Trent\Downloads\FRST-OlderVersion

2015-01-31 11:37 - 2012-04-04 17:47 - 00772504 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll

2015-01-31 11:37 - 2012-04-04 17:47 - 00687504 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll

2015-01-31 00:08 - 2015-01-31 00:11 - 00001728 _____ () C:\VEW.txt

2015-01-30 23:53 - 2015-01-30 23:53 - 00061440 _____ ( ) C:\Users\Trent\Desktop\VEW.exe

2015-01-30 23:21 - 2015-01-30 23:21 - 00057260 _____ () C:\Users\Trent\Downloads\Shortcut.txt

2015-01-30 23:10 - 2015-01-30 23:10 - 00000000 ____D () C:\Users\Trent\Downloads\bootex

2015-01-30 23:06 - 2015-01-30 23:06 - 00000380 _____ () C:\Users\Trent\Downloads\bootex.zip

2015-01-30 16:01 - 2015-01-31 00:17 - 00010317 _____ () C:\Users\Trent\Documents\System Idle Process.txt

2015-01-30 15:52 - 2015-01-30 15:52 - 02480312 _____ (Sysinternals - www.sysinternals.com) C:\Users\Trent\Desktop\procexp.exe

2015-01-30 15:51 - 2015-01-30 15:51 - 00002055 _____ () C:\junk

2015-01-30 14:33 - 2015-01-30 23:21 - 00034979 _____ () C:\Users\Trent\Downloads\Addition.txt

2015-01-30 14:31 - 2015-01-31 12:08 - 00023719 _____ () C:\Users\Trent\Downloads\FRST.txt

2015-01-30 14:28 - 2015-01-31 12:07 - 00000000 ____D () C:\FRST

2015-01-30 14:28 - 2015-01-31 11:56 - 02130944 _____ (Farbar) C:\Users\Trent\Downloads\FRST64.exe

2015-01-29 11:33 - 2015-01-29 11:33 - 00000000 __SHD () C:\Users\Trent\AppData\Local\EmieBrowserModeList

2015-01-28 16:29 - 2015-01-28 16:29 - 00602112 _____ (OldTimer Tools) C:\Users\Trent\Downloads\OTL (1).exe

2015-01-28 15:50 - 2015-01-31 12:02 - 00003340 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4108897128-1100751025-739537080-1001

2015-01-28 15:50 - 2015-01-31 12:02 - 00003206 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4108897128-1100751025-739537080-1001

2015-01-28 15:36 - 2015-01-28 15:36 - 00000310 _____ () C:\Windows\PFRO.log

2015-01-28 15:28 - 2015-01-28 15:34 - 00000000 ____D () C:\AdwCleaner

2015-01-28 15:26 - 2015-01-28 15:26 - 00111990 _____ () C:\Users\Trent\Downloads\OTL scan quick.txt

2015-01-28 15:26 - 2015-01-28 15:26 - 00090746 _____ () C:\Users\Trent\Downloads\Extras.Txt

2015-01-28 15:19 - 2015-01-28 15:19 - 00111990 _____ () C:\Users\Trent\Downloads\OTL.Txt

2015-01-28 15:04 - 2015-01-28 15:04 - 02194432 _____ () C:\Users\Trent\Downloads\AdwCleaner.exe

2015-01-28 14:56 - 2015-01-28 14:56 - 00000000 ____D () C:\_OTL

2015-01-28 14:55 - 2015-01-28 14:55 - 00602112 _____ (OldTimer Tools) C:\Users\Trent\Downloads\OTL.exe

2015-01-28 14:54 - 2015-01-28 14:54 - 00775968 _____ (Reimage®) C:\Users\Trent\Downloads\ReimageRepair.exe

2015-01-28 14:10 - 2015-01-31 12:00 - 00000616 _____ () C:\Windows\setupact.log

2015-01-28 14:10 - 2015-01-28 14:10 - 00000000 _____ () C:\Windows\setuperr.log

2015-01-28 14:03 - 2015-01-28 14:03 - 00314312 _____ () C:\Users\Trent\Documents\cc_20150128_140245.reg

2015-01-28 14:01 - 2015-01-28 14:01 - 00104616 _____ () C:\Users\Trent\Documents\duplicate.txt

2015-01-28 13:47 - 2015-01-28 13:47 - 00009022 _____ () C:\Users\Trent\Documents\startup.txt

2015-01-28 13:45 - 2015-01-28 13:45 - 00000000 ____D () C:\Windows\pss

2015-01-27 11:41 - 2015-01-27 11:41 - 00019129 _____ () C:\Users\Trent\Downloads\Itemized Features.ods

2015-01-22 17:40 - 2015-01-28 14:22 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2015-01-22 17:39 - 2015-01-22 17:39 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-01-22 17:39 - 2015-01-22 17:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-01-22 17:39 - 2015-01-22 17:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-01-22 17:39 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2015-01-22 17:39 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2015-01-22 17:39 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2015-01-22 17:38 - 2015-01-22 17:38 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Trent\Downloads\mbam-setup-2.0.4.1028.exe

2015-01-22 16:53 - 2015-01-22 16:53 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC

2015-01-22 16:53 - 2015-01-22 16:53 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk

2015-01-22 16:53 - 2015-01-22 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

2015-01-22 16:53 - 2015-01-22 16:53 - 00000000 ____D () C:\Program Files\CCleaner

2015-01-22 16:52 - 2015-01-22 16:52 - 05317104 _____ (Piriform Ltd) C:\Users\Trent\Downloads\ccsetup501.exe

2015-01-22 13:03 - 2015-01-22 13:03 - 03551568 _____ (K9 Tools ) C:\Users\Trent\Downloads\setup (1).exe

2015-01-22 12:59 - 2015-01-22 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K9-PCFixer

2015-01-22 12:59 - 2015-01-22 13:00 - 00000000 ____D () C:\Program Files (x86)\K9-PCFixer

2015-01-22 12:59 - 2015-01-22 12:59 - 00000000 ____D () C:\Users\Trent\AppData\Roaming\K9-PCFixer

2015-01-21 12:43 - 2015-01-21 12:43 - 00000000 ____D () C:\Users\Trent\AppData\Roaming\AVG2015

2015-01-21 12:38 - 2015-01-21 12:38 - 00000967 _____ () C:\Users\Public\Desktop\AVG 2015.lnk

2015-01-21 12:36 - 2015-01-22 13:00 - 00000000 ____D () C:\ProgramData\AVG2015

2015-01-21 12:31 - 2015-01-22 12:51 - 00000000 ____D () C:\Users\Trent\AppData\Local\Avg2015

2015-01-19 15:30 - 2015-01-19 15:30 - 00001105 _____ () C:\Users\Trent\Desktop\desktoptools.lnk

2015-01-19 15:30 - 2015-01-19 15:30 - 00000000 ____D () C:\Users\Trent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Workspace

2015-01-16 12:34 - 2015-01-16 17:15 - 00000000 ____D () C:\Program Files (x86)\Wondershare

2015-01-16 12:34 - 2015-01-16 12:35 - 00000000 ____D () C:\ProgramData\Wondershare

2015-01-16 12:34 - 2015-01-16 12:34 - 00000000 ___HD () C:\Program Files (x86)\Dr.Fone_Temp

2015-01-16 12:34 - 2015-01-16 12:34 - 00000000 ____D () C:\Users\Trent\AppData\Local\Wondershare

2015-01-16 12:32 - 2015-01-16 12:33 - 28656128 _____ (Wondershare Software Co.,Ltd. ) C:\Users\Trent\Downloads\ios-recovery.exe

2015-01-16 12:02 - 2015-01-16 12:02 - 00000000 ____D () C:\Users\Trent\Documents\Backup

2015-01-14 09:43 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll

2015-01-14 09:42 - 2014-12-18 20:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys

2015-01-14 09:42 - 2014-12-11 12:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe

2015-01-14 09:42 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll

2015-01-14 09:42 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll

2015-01-14 09:42 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll

2015-01-14 09:41 - 2014-12-12 00:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2015-01-14 09:41 - 2014-12-12 00:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2015-01-14 09:41 - 2014-12-12 00:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2015-01-14 09:41 - 2014-12-12 00:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2015-01-14 09:41 - 2014-12-12 00:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2015-01-14 09:41 - 2014-12-12 00:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2015-01-14 09:41 - 2014-12-12 00:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2015-01-10 13:50 - 2015-01-10 13:50 - 00000000 __SHD () C:\Users\Guest\AppData\Local\EmieBrowserModeList

2015-01-03 16:33 - 2015-01-28 13:42 - 00003122 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask-Retry

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-31 12:06 - 2009-07-14 00:10 - 01609471 _____ () C:\Windows\WindowsUpdate.log

2015-01-31 12:04 - 2013-07-02 13:27 - 00000000 ____D () C:\Users\Trent\AppData\Local\Deployment

2015-01-31 12:03 - 2012-04-11 18:33 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-01-31 12:00 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2015-01-31 11:52 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared

2015-01-31 11:08 - 2009-07-13 23:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-01-31 11:08 - 2009-07-13 23:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-01-31 10:57 - 2012-04-09 10:30 - 00000000 ____D () C:\ProgramData\MFAData

2015-01-30 15:05 - 2013-11-15 16:16 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask

2015-01-30 09:11 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF

2015-01-30 03:05 - 2013-07-02 13:39 - 00779276 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

2015-01-30 03:05 - 2009-07-14 00:13 - 00779276 _____ () C:\Windows\system32\PerfStringBackup.INI

2015-01-28 15:34 - 2012-12-12 11:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2015-01-28 13:42 - 2013-11-15 16:16 - 00003986 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask

2015-01-27 09:14 - 2012-04-11 18:33 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-01-27 09:14 - 2012-04-11 18:33 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2015-01-27 09:14 - 2012-03-21 20:19 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-01-26 20:12 - 2012-03-21 20:22 - 00002368 _____ () C:\Users\Trent\Desktop\Google Chrome.lnk

2015-01-26 12:42 - 2012-09-27 09:03 - 00000336 _____ () C:\Windows\BRCALIB.INI

2015-01-23 11:33 - 2012-03-24 18:28 - 00000000 ____D () C:\Users\Trent\AppData\Roaming\Skype

2015-01-22 17:03 - 2012-07-07 17:21 - 00000000 ____D () C:\Windows\Minidump

2015-01-22 17:03 - 2012-03-20 10:49 - 00000000 ____D () C:\Windows\Panther

2015-01-22 12:55 - 2012-04-04 12:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP

2015-01-22 12:55 - 2012-04-04 12:29 - 00000000 ____D () C:\Program Files (x86)\HP

2015-01-22 12:54 - 2012-04-04 12:29 - 00000000 ____D () C:\Users\Trent\AppData\Roaming\HpUpdate

2015-01-21 13:11 - 2012-12-14 00:27 - 00000000 ____D () C:\ProgramData\AVG2013

2015-01-21 13:09 - 2013-03-21 21:29 - 00000000 ____D () C:\Users\Trent\Desktop\TAXES

2015-01-21 12:44 - 2012-04-09 10:38 - 00000000 ____D () C:\Program Files (x86)\AVG

2015-01-21 12:41 - 2014-11-19 14:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2015-01-21 12:41 - 2012-04-09 10:39 - 00000000 ___HD () C:\$AVG

2015-01-19 15:30 - 2012-03-26 19:37 - 00000000 ____D () C:\Program Files (x86)\Workspace

2015-01-19 15:29 - 2012-03-26 18:46 - 00000000 ____D () C:\Users\Trent\AppData\Local\Workspace

2015-01-16 17:30 - 2012-03-21 20:37 - 00000000 ____D () C:\ProgramData\McAfee

2015-01-16 17:23 - 2013-12-10 20:15 - 00000000 ____D () C:\Program Files (x86)\Shutterfly

2015-01-16 17:17 - 2012-03-21 20:22 - 00000000 ____D () C:\Program Files (x86)\Citrix

2015-01-16 12:00 - 2012-03-21 19:46 - 00000000 ____D () C:\Users\Trent

2015-01-15 15:53 - 2013-02-18 11:13 - 00000000 ____D () C:\Users\Trent\Downloads\doggy

2015-01-15 03:10 - 2013-07-13 02:02 - 00000000 ____D () C:\Windows\system32\MRT

2015-01-15 03:00 - 2012-03-22 00:34 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-01-14 20:49 - 2013-09-24 19:37 - 00000000 ____D () C:\Users\Trent\Desktop\Chapel Ridge

2015-01-14 16:55 - 2013-10-25 12:39 - 00000000 ____D () C:\Users\Trent\Desktop\Brandon

2015-01-08 09:55 - 2012-03-23 14:23 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2013-07-02 13:36 - 2013-07-02 13:36 - 0889416 _____ (Microsoft Corporation) C:\Users\Trent\AppData\Roaming\dotNetFx40_Full_setup.exe

2012-03-26 10:41 - 2012-05-08 13:36 - 0011399 _____ () C:\Users\Trent\AppData\Roaming\SmarThruOptions.xml

2013-01-05 09:54 - 2013-02-04 18:16 - 0000106 _____ () C:\Users\Trent\AppData\Roaming\wklnhst.dat

2012-03-24 23:54 - 2014-11-06 16:25 - 0012800 _____ () C:\Users\Trent\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2012-11-28 17:21 - 2013-04-09 13:10 - 0001799 _____ () C:\ProgramData\hpzinstall.log

2012-04-12 12:44 - 2012-04-12 12:44 - 7713860 _____ () C:\ProgramData\SamPCFax000019600000

2014-03-05 12:48 - 2014-03-05 12:48 - 0001744 _____ () C:\ProgramData\__wdump.txt

Some content of TEMP:

====================

C:\Users\Trent\AppData\Local\Temp\Quarantine.exe

C:\Users\Trent\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-22 02:31

==================== End Of Log ============================

Back to Virus, Spyware, Malware Removal · Next Unread Topic →

Also tagged with one or more of these keywords: windows 7, cache, fan, malware, not responding, multiple chrome.exe 32, fan on and off

Windows Xp Retired Forums → Windows XP, 2000, 2003, NT → My online history seems to have disappeared on my Win XP, Firefox sys Started by dowsp , 20 Apr 2024 Windows Xp, History	0 replies 23,075 views	dowsp 20 Apr 2024
Security → Virus, Spyware, Malware Removal → Help removing a suspected Trojan Started by RobJames , 01 Feb 2024 FXSAPIDebugLogFile and 2 more...	11 replies 11,023 views	RKinner 07 Feb 2024
Hardware → Hardware, Components and Peripherals → Recover the hard drive Started by Andrew Board , 16 Jan 2024 data recovery, hard drive, help and 1 more...	2 replies 673 views	phillpower2 16 Jan 2024
Security → Virus, Spyware, Malware Removal → Hijacked Windows defender [Closed] Started by relay , 17 Nov 2023 shell, spyware, keylogger and 2 more...	8 replies 3,050 views	DR M 23 Nov 2023
#linux Discussion → Off-Topic → Two different OS on two different drivers - recommended? Started by Killian Gharrah , 17 Sep 2023 #linux, #windows, #SSD, #HDD	1 reply 2,610 views	Killian Gharrah 17 Sep 2023