Chrome Install Infection



#16
RKinner


    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

Much better.

Download the attached fixlist.txt to the same location as FRST.
Run FRST and press Fix.
A fix log will be generated; please post that. Run FRST again, check the Additions box and then Scan. You will get two logs. Post them both.



#17
chosen072


    Member

  • Topic Starter
  • Member
  • PipPip
  • 88 posts

FRST Fix

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 18-02-2015 01
Ran by Chosen072 at 2015-02-20 17:05:29 Run:4
Running from C:\Users\Chosen072\Desktop
Loaded Profiles: Chosen072 (Available profiles: Chosen072 & Guest)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
URLSearchHook: HKU\S-1-5-21-984307550-3928441585-2128114710-1000 - (No Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -  No File
SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL =
SearchScopes: HKU\S-1-5-21-984307550-3928441585-2128114710-1000 -> DefaultScope {13BA74AE-E197-454E-B8DB-18B78838913A} URL = http://binkiland.com...r=252158215&ir=
SearchScopes: HKU\S-1-5-21-984307550-3928441585-2128114710-1000 -> {13BA74AE-E197-454E-B8DB-18B78838913A} URL = http://binkiland.com...r=252158215&ir=
SearchScopes: HKU\S-1-5-21-984307550-3928441585-2128114710-1000 -> {3BB94474-A314-4576-8AA2-2EC058F35DF5} URL = http://www.flickr.co...q={searchTerms}
SearchScopes: HKU\S-1-5-21-984307550-3928441585-2128114710-1000 -> {5065E8C3-F3BD-4103-80B4-2AA72165195D} URL = http://rover.ebay.co...e={searchTerms}
SearchScopes: HKU\S-1-5-21-984307550-3928441585-2128114710-1000 -> {5F4764C9-A953-44D8-BA81-4C334ADB8090} URL = http://rover.ebay.co...36017972&type=3
SearchScopes: HKU\S-1-5-21-984307550-3928441585-2128114710-1000 -> {FAB2F0FF-089C-49EA-BFBF-2EAAA16E7367} URL = http://delicious.com...p={searchTerms}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
R2 aswMonFlt; C:\Windows\System32\DRIVERS\aswMonFlt.sys [53328 2009-11-24] (ALWIL Software)
R1 uzm2mjyx; C:\Windows\system32\Drivers\uzm2mjyx.sys [11264 2009-12-16] () [File not signed]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\CHOSEN~1\AppData\Local\Temp\catchme.sys [X]
U4 eabfiltr; No ImagePath
S3 HTCAND32; System32\Drivers\ANDROIDUSB.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S2 MCSTRM; No ImagePath
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 SymIMMP; system32\DRIVERS\SymIM.sys [X]
S1 vdm2mjyx; \??\C:\Windows\system32\Drivers\vdm2mjyx.sys [X]
2015-02-17 16:06 - 2015-02-18 13:10 - 00000000 ____D () C:\Users\Chosen072\AppData\Local\Binkiland
2014-11-12 17:44 - 2014-11-12 17:44 - 6000640 _____ () C:\Program Files\GUTE522.tmp
C:\Windows\Installer\{7010948b-bb39-2899-d241-63e1223a2d35}
C:\Users\Chosen072\AppData\Local\{7010948b-bb39-2899-d241-63e1223a2d35}
C:\ProgramData\ezsid.dat
C:\Users\Chosen072\MetricCollection.dll
C:\Users\Chosen072\AppData\Local\Google\Chrome\User Data\Default
CMD: netsh winsock reset


*****************

HKU\S-1-5-21-984307550-3928441585-2128114710-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} => Value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} => Key not found.
HKCR\CLSID\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} => Key not found.
HKU\S-1-5-21-984307550-3928441585-2128114710-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-21-984307550-3928441585-2128114710-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{13BA74AE-E197-454E-B8DB-18B78838913A} => Key not found.
HKCR\CLSID\{13BA74AE-E197-454E-B8DB-18B78838913A} => Key not found.
HKU\S-1-5-21-984307550-3928441585-2128114710-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BB94474-A314-4576-8AA2-2EC058F35DF5} => Key not found.
HKCR\CLSID\{3BB94474-A314-4576-8AA2-2EC058F35DF5} => Key not found.
HKU\S-1-5-21-984307550-3928441585-2128114710-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5065E8C3-F3BD-4103-80B4-2AA72165195D} => Key not found.
HKCR\CLSID\{5065E8C3-F3BD-4103-80B4-2AA72165195D} => Key not found.
HKU\S-1-5-21-984307550-3928441585-2128114710-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5F4764C9-A953-44D8-BA81-4C334ADB8090} => Key not found.
HKCR\CLSID\{5F4764C9-A953-44D8-BA81-4C334ADB8090} => Key not found.
HKU\S-1-5-21-984307550-3928441585-2128114710-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FAB2F0FF-089C-49EA-BFBF-2EAAA16E7367} => Key not found.
HKCR\CLSID\{FAB2F0FF-089C-49EA-BFBF-2EAAA16E7367} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found.
HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.
aswMonFlt => Service not found.
uzm2mjyx => Service not found.
blbdrive => Service not found.
catchme => Service not found.
eabfiltr => Service not found.
HTCAND32 => Service not found.
IpInIp => Service not found.
MCSTRM => Service not found.
NwlnkFlt => Service not found.
NwlnkFwd => Service not found.
SymIMMP => Service not found.
vdm2mjyx => Service not found.
"C:\Users\Chosen072\AppData\Local\Binkiland" => File/Directory not found.
"C:\Program Files\GUTE522.tmp" => File/Directory not found.
"C:\Windows\Installer\{7010948b-bb39-2899-d241-63e1223a2d35}" => File/Directory not found.
"C:\Users\Chosen072\AppData\Local\{7010948b-bb39-2899-d241-63e1223a2d35}" => File/Directory not found.
"C:\ProgramData\ezsid.dat" => File/Directory not found.
"C:\Users\Chosen072\MetricCollection.dll" => File/Directory not found.
"C:\Users\Chosen072\AppData\Local\Google\Chrome\User Data\Default" => File/Directory not found.

=========  netsh winsock reset =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


==== End of Fixlog 17:05:33 ====

FRST Log

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-02-2015 01
Ran by Chosen072 (administrator) on ROBINS-LT on 20-02-2015 17:06:34
Running from C:\Users\Chosen072\Desktop
Loaded Profiles: Chosen072 (Available profiles: Chosen072 & Guest)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\WINDOWS\System32\escsvc.exe
(Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe
() C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
() C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(The Nielsen Company) C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe
() C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Conexant Systems, Inc.) C:\WINDOWS\System32\drivers\XAudio.exe
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
() C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
(Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe
(Microsoft Corporation) C:\WINDOWS\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
() C:\Users\Chosen072\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\Kies\KiesTrayAgent.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\FAX Utility\FUFAXSTM.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(The Nielsen Company) C:\Program Files\NetRatingsNetSight\NetSight\nielsenonline.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Samsung) C:\Program Files\SAMSUNG\Kies\Kies.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(The Nielsen Company) C:\Program Files\NetRatingsNetSight\NetSight\nielsenonline.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [480560 2007-10-03] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [349240 2010-01-11] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1057920 2012-07-31] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [FUFAXRCV] => C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe [502912 2012-02-29] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [FUFAXSTM] => C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe [863360 2012-02-29] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [NielsenOnline] => C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe [91872 2015-01-16] (The Nielsen Company)
HKLM\...\RunOnce: [Launcher] => C:\Windows\SMINST\launcher.exe [44128 2006-11-07] (soft thinks)
HKU\S-1-5-21-984307550-3928441585-2128114710-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-984307550-3928441585-2128114710-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [23308256 2015-01-15] (Google)
HKU\S-1-5-21-984307550-3928441585-2128114710-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKU\S-1-5-21-984307550-3928441585-2128114710-1000\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-984307550-3928441585-2128114710-1000\...\Run: [Amazon Cloud Player] => C:\Users\Chosen072\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] ()
HKU\S-1-5-18\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [484904 2007-04-19] (Hewlett-Packard Company)
HKU\S-1-5-18\...\Policies\Explorer: [NoSetActiveDesktop] 0
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-984307550-3928441585-2128114710-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...B_PVER}&ar=home
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://downloads.yah...xplorer/welcome
HKU\S-1-5-21-984307550-3928441585-2128114710-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-984307550-3928441585-2128114710-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-984307550-3928441585-2128114710-1000 -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = http://search.yahoo....ing}&fr=hp-pvdt
SearchScopes: HKU\S-1-5-21-984307550-3928441585-2128114710-1000 -> {6CD9BBE3-DD01-49C6-BE7D-9AC27CA79035} URL = http://www.amazon.co...de=ur2&ie=UTF-8
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Toolbar: HKLM - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-984307550-3928441585-2128114710-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-984307550-3928441585-2128114710-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
ShellExecuteHooks:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
Winsock: Catalog5 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Chosen072\AppData\Roaming\Mozilla\Firefox\Profiles\hf9gv40m.default
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @bittorrent.com/BitTorrentDNA -> C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nielsen/FirefoxTracker -> C:\Program Files\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\npfirefoxtracker.dll (Nielsen)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\.DEFAULT: @tools.google.com/Google Update;version=3 -> C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\.DEFAULT: @tools.google.com/Google Update;version=9 -> C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-984307550-3928441585-2128114710-1000: @bittorrent.com/BitTorrentDNA -> C:\Users\Chosen072\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF Plugin HKU\S-1-5-21-984307550-3928441585-2128114710-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Chosen072\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKU\S-1-5-21-984307550-3928441585-2128114710-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Chosen072\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-984307550-3928441585-2128114710-1000: @talk.google.com/O1DPlugin -> C:\Users\Chosen072\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-984307550-3928441585-2128114710-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Chosen072\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-984307550-3928441585-2128114710-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Chosen072\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\browser\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Chosen072\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Chosen072\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009-03-22]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-09]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2014-03-05]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\[email protected]
FF Extension: Nielsen NetSight - C:\Program Files\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\[email protected] [2015-02-20]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: No Name - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009-12-09]
FF HKU\S-1-5-19\...\Firefox\Extensions: [{57E72829-C158-4341-BBED-58F0AD1740FD}] - C:\Program Files\Google\Google Photos Screensaver\FF_ext
FF HKU\S-1-5-20\...\Firefox\Extensions: [{57E72829-C158-4341-BBED-58F0AD1740FD}] - C:\Program Files\Google\Google Photos Screensaver\FF_ext
FF HKU\S-1-5-21-984307550-3928441585-2128114710-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF HKU\S-1-5-21-984307550-3928441585-2128114710-1000\...\Firefox\Extensions: [{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}] - C:\Users\Chosen072\Program Files\DNA
FF Extension: DNA - C:\Users\Chosen072\Program Files\DNA [2008-10-26]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKU\S-1-5-21-984307550-3928441585-2128114710-1000\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\CHOSEN~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-09]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-02-15] (Adobe Systems) [File not signed]
R2 EpsonCustomerParticipation; C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [539744 2012-05-10] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2010-09-17] (Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe [3735552 2010-09-17] (Firebird Project) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2010-06-01] (Macrovision Europe Ltd.) [File not signed]
R2 FlipShare Service; C:\Program Files\Flip Video\FlipShare\FlipShareService.exe [460144 2010-12-15] ()
R2 FlipShareServer; C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe [1085440 2010-12-15] () [File not signed]
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2008-03-25] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [135168 2008-03-25] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2008-07-18] (Hewlett-Packard) [File not signed]
R2 NielsenUpdate; C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe [2934496 2015-01-16] (The Nielsen Company)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-07-18] (Hewlett-Packard) [File not signed]
R2 QPCapSvc; C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [271760 2007-12-19] ()
R2 QPSched; C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [112016 2007-12-19] ()
S3 RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [880640 2007-02-12] (Sonic Solutions) [File not signed]
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 atapi; C:\Windows\System32\Drivers\tsk_atapi.sys [19944 2009-12-16] () [File not signed]
S3 GTUHSBUS; C:\Windows\System32\DRIVERS\gtuhsbus.sys [67840 2009-07-16] (Option N.V.)
S3 GTUHSNDISIPXP; C:\Windows\System32\DRIVERS\gtuhs51.sys [107776 2009-07-16] (Option N.V.)
S3 GTUHSSER; C:\Windows\System32\DRIVERS\gtuhsser.sys [8064 2009-07-16] (Option N.V.)
S3 HdAudAddService; C:\Windows\System32\drivers\CHDART.sys [160768 2007-04-11] (Conexant Systems Inc.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-18] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)
R1 nnfwdk; C:\Program Files\NetRatingsNetSight\NetSight\meter2\nnfwdk.sys [23264 2015-01-16] (The Nielsen Company)
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
S3 swmsflt; C:\Windows\System32\drivers\swmsflt.sys [26760 2008-08-22] ()
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [41984 2010-09-28] (Apple, Inc.) [File not signed]
S3 VX1000; C:\Windows\System32\DRIVERS\VX1000.sys [1956096 2009-06-26] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-20 11:45 - 2015-02-20 11:46 - 00054080 _____ () C:\Users\Chosen072\Desktop\Addition.txt
2015-02-20 11:43 - 2015-02-20 17:07 - 00024781 _____ () C:\Users\Chosen072\Desktop\FRST.txt
2015-02-20 10:19 - 2015-02-20 10:26 - 00000000 ____D () C:\Users\Chosen072\Desktop\Virus Log
2015-02-20 09:28 - 2015-02-20 09:28 - 00000000 _____ () C:\extensions.sqlite
2015-02-20 04:08 - 2015-02-20 17:06 - 00000000 ____D () C:\FRST
2015-02-20 04:05 - 2015-02-20 04:05 - 01126400 _____ (Farbar) C:\Users\Chosen072\Desktop\FRST.exe
2015-02-19 17:10 - 2015-02-19 17:10 - 01388274 _____ (Thisisu) C:\Users\Chosen072\Desktop\JRT.exe
2015-02-19 16:34 - 2015-02-19 17:04 - 00000000 ____D () C:\AdwCleaner
2015-02-19 16:32 - 2015-02-19 16:32 - 02126848 _____ () C:\Users\Chosen072\Desktop\AdwCleaner.exe
2015-02-19 13:27 - 2015-02-19 13:54 - 00000000 ____D () C:\ComboFix
2015-02-18 22:02 - 2015-02-18 22:03 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Chosen072\Desktop\tdsskiller.exe
2015-02-18 17:20 - 2011-06-26 01:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-18 17:20 - 2010-11-07 12:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-18 17:20 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-18 17:20 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-18 17:20 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-18 17:20 - 2000-08-30 19:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-18 17:20 - 2000-08-30 19:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-18 17:20 - 2000-08-30 19:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-18 17:06 - 2015-02-18 17:07 - 05198336 _____ (AVAST Software) C:\Users\Chosen072\Desktop\aswMBR.exe
2015-02-18 17:05 - 2015-02-18 17:05 - 05611903 ____R (Swearware) C:\Users\Chosen072\Desktop\ComboFix.exe
2015-02-18 14:57 - 2015-02-18 14:58 - 00000000 ____D () C:\Users\Chosen072\Desktop\Images
2015-02-17 16:20 - 2015-02-18 22:19 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-17 16:19 - 2015-02-17 16:19 - 00000861 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-17 16:19 - 2015-02-17 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-17 16:19 - 2015-02-17 16:19 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-02-17 16:19 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-17 16:19 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-17 16:03 - 2015-02-17 16:03 - 00000000 ____D () C:\ProgramData\Unchecky
2015-02-17 13:54 - 2015-02-17 13:54 - 00000000 ____D () C:\Users\Chosen072\Documents\2015 Tax Return
2015-02-17 10:49 - 2015-01-22 22:00 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-17 10:49 - 2015-01-22 21:51 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-16 17:00 - 2015-02-20 09:36 - 00022177 _____ () C:\Windows\setupact.log
2015-02-16 17:00 - 2015-02-16 17:00 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-13 12:34 - 2014-11-25 21:05 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-13 12:33 - 2015-01-08 19:20 - 02063360 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-13 12:31 - 2015-01-12 20:39 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-13 12:19 - 2015-01-14 23:13 - 00440760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-13 12:12 - 2014-12-07 20:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-12 09:21 - 2015-01-13 20:51 - 12371456 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-12 09:21 - 2015-01-13 20:49 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-02-12 09:21 - 2015-01-13 20:43 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-12 09:21 - 2015-01-13 20:42 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-12 09:21 - 2015-01-13 20:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-12 09:21 - 2015-01-13 20:41 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-12 09:21 - 2015-01-13 20:41 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-12 09:21 - 2015-01-13 20:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-12 09:21 - 2015-01-13 20:40 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-12 09:21 - 2015-01-13 20:40 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-12 09:21 - 2015-01-13 20:40 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-12 09:21 - 2015-01-13 20:40 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-12 09:21 - 2015-01-13 20:40 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-12 09:21 - 2015-01-13 20:40 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-02-12 09:21 - 2015-01-13 20:40 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-02-12 09:21 - 2015-01-13 20:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-02-12 09:20 - 2015-01-13 20:46 - 09742336 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-12 09:20 - 2015-01-13 20:41 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-12 09:20 - 2015-01-13 20:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-02-12 09:20 - 2015-01-13 20:41 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-09 11:31 - 2015-02-09 11:31 - 02842624 _____ () C:\Users\Chosen072\Downloads\SmartApp.msi
2015-01-27 11:55 - 2015-01-27 11:57 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-26 17:31 - 2015-01-26 17:31 - 00000662 _____ () C:\Users\Chosen072\Desktop\health care info.txt
2015-01-22 12:36 - 2015-01-22 12:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_nnfwdk_01009.Wdf
2015-01-22 12:28 - 2015-01-22 12:31 - 00000934 _____ () C:\nsinst.log
2015-01-22 12:28 - 2015-01-22 12:28 - 00000000 ____D () C:\Program Files\NetRatingsNetSight
2015-01-22 12:27 - 2015-01-22 12:27 - 02790608 _____ (The Nielsen Company) C:\Users\Chosen072\Downloads\netsight_setup_6.2.0.15_MP_Production_mid60576379915_p.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-20 17:05 - 2014-02-07 23:00 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job
2015-02-20 17:01 - 2006-11-02 07:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-20 17:01 - 2006-11-02 07:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-20 16:50 - 2009-02-16 04:35 - 00178663 _____ () C:\ProgramData\nvModes.dat
2015-02-20 16:50 - 2009-02-16 04:35 - 00178663 _____ () C:\ProgramData\nvModes.001
2015-02-20 16:49 - 2012-12-29 12:21 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-20 16:44 - 2014-11-16 13:32 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-984307550-3928441585-2128114710-1000UA.job
2015-02-20 16:12 - 2013-02-08 10:50 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-20 16:04 - 2013-02-14 18:09 - 01726691 _____ () C:\Windows\WindowsUpdate.log
2015-02-20 15:51 - 2012-04-09 10:22 - 00000872 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-984307550-3928441585-2128114710-1000Core.job
2015-02-20 15:03 - 2013-02-09 07:33 - 00000000 ___RD () C:\Users\Chosen072\Google Drive
2015-02-20 15:02 - 2014-07-12 05:06 - 00000217 _____ () C:\Windows\TWAIN.LOG
2015-02-20 15:02 - 2013-08-09 21:15 - 00000005 _____ () C:\Windows\Twain001.Mtx
2015-02-20 15:01 - 2013-08-09 21:15 - 00000156 _____ () C:\Windows\Twunk001.MTX
2015-02-20 15:01 - 2007-08-04 22:04 - 00000000 ____D () C:\Windows\SMINST
2015-02-20 13:08 - 2006-11-02 05:33 - 00762770 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-20 13:01 - 2006-11-02 08:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-20 13:00 - 2014-08-16 03:39 - 00018386 _____ () C:\Windows\PFRO.log
2015-02-20 12:38 - 2010-08-31 14:06 - 00000012 _____ () C:\Windows\bthservsdp.dat
2015-02-20 12:38 - 2006-11-02 08:01 - 00032596 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-20 12:36 - 2008-01-30 02:47 - 00000000 ____D () C:\Users\Chosen072
2015-02-20 10:58 - 2014-05-30 18:14 - 00000338 _____ () C:\Windows\Tasks\HPCeeScheduleForChosen072.job
2015-02-20 09:24 - 2010-03-06 22:54 - 00000021 _____ () C:\Users\Public\Documents\hpqp.txt
2015-02-19 16:57 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\rescache
2015-02-19 16:42 - 2010-03-15 06:48 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2015-02-19 13:50 - 2006-11-02 05:23 - 00000215 _____ () C:\Windows\system.ini
2015-02-19 13:49 - 2008-01-30 22:34 - 00000000 ____D () C:\Users\Chosen072\AppData\Local\Adobe
2015-02-19 13:27 - 2012-02-20 07:41 - 00002229 _____ () C:\Windows\epplauncher.mif
2015-02-18 23:05 - 2014-02-07 23:00 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job
2015-02-18 21:59 - 2012-05-14 14:26 - 00000512 _____ () C:\Users\Chosen072\Desktop\MBR.dat
2015-02-18 17:20 - 2012-05-15 05:34 - 00000000 ____D () C:\Qoobox
2015-02-17 16:19 - 2009-08-14 11:47 - 00000000 ____D () C:\Users\Chosen072\AppData\Roaming\Malwarebytes
2015-02-17 16:19 - 2009-08-14 11:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-16 17:30 - 2006-11-02 07:47 - 01822992 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-16 15:43 - 2014-11-19 10:32 - 00000000 ____D () C:\Users\Chosen072\Documents\Mom's Inc
2015-02-16 15:27 - 2012-07-18 09:18 - 00000000 ____D () C:\Users\Chosen072\AppData\Local\Firestorm
2015-02-13 13:22 - 2013-08-08 22:08 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-13 12:35 - 2010-05-17 02:16 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-13 12:34 - 2007-08-04 21:30 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-13 12:19 - 2012-05-15 18:35 - 00001788 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-13 12:17 - 2012-05-15 18:35 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-09 11:48 - 2008-03-16 14:05 - 00000680 _____ () C:\Users\Chosen072\AppData\Local\d3d9caps.dat
2015-02-05 03:07 - 2013-02-08 10:50 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-04 15:49 - 2012-04-12 07:11 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-04 15:49 - 2012-02-21 08:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-02-02 13:11 - 2008-06-13 09:19 - 00000000 ____D () C:\Users\Chosen072\AppData\Roaming\Mozilla
2015-01-29 14:36 - 2013-02-09 07:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-01-28 14:24 - 2013-03-23 08:27 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-21 06:47 - 2014-12-30 04:59 - 00000000 ____D () C:\Users\Chosen072\Documents\Theories of Teaching and Learning

==================== Files in the root of some directories =======

2008-08-12 07:11 - 2009-07-07 13:21 - 0870128 _____ () C:\Users\Chosen072\AppData\Roaming\mcs.rma
2008-01-30 11:03 - 2009-02-15 18:04 - 0027715 _____ () C:\Users\Chosen072\AppData\Roaming\nvModes.001
2008-01-30 07:14 - 2008-10-09 16:24 - 0027715 _____ () C:\Users\Chosen072\AppData\Roaming\nvModes.dat
2009-07-26 11:36 - 2009-10-04 18:29 - 0007887 _____ () C:\Users\Chosen072\AppData\Roaming\pcouffin.cat
2009-07-26 11:36 - 2009-10-04 18:29 - 0001144 _____ () C:\Users\Chosen072\AppData\Roaming\pcouffin.inf
2009-07-26 11:38 - 2009-10-04 18:29 - 0000033 _____ () C:\Users\Chosen072\AppData\Roaming\pcouffin.log
2009-07-26 11:36 - 2009-10-04 18:29 - 0047360 _____ (VSO Software) C:\Users\Chosen072\AppData\Roaming\pcouffin.sys
2009-12-10 16:13 - 2009-12-10 16:29 - 0000035 _____ () C:\Users\Chosen072\AppData\Roaming\SetValue.bat
2008-01-30 06:14 - 2008-02-25 13:51 - 0031007 _____ () C:\Users\Chosen072\AppData\Roaming\UserTile.png
2009-10-04 06:28 - 2009-10-04 06:28 - 63073179 _____ (F.A.S ®                                                     ) C:\Users\Chosen072\AppData\Roaming\Virtual_DJ_Setup.exe
2008-01-31 05:02 - 2012-04-11 16:06 - 0003770 _____ () C:\Users\Chosen072\AppData\Roaming\wklnhst.dat
2008-01-30 02:58 - 2008-01-30 02:58 - 0000000 _____ () C:\Users\Chosen072\AppData\Local\AtStart.txt
2008-03-16 14:05 - 2015-02-09 11:48 - 0000680 _____ () C:\Users\Chosen072\AppData\Local\d3d9caps.dat
2008-01-30 11:21 - 2015-01-13 17:26 - 0109056 _____ () C:\Users\Chosen072\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-01-30 02:58 - 2008-01-30 02:58 - 0000000 _____ () C:\Users\Chosen072\AppData\Local\DSwitch.txt
2008-01-30 02:58 - 2008-01-30 02:58 - 0000000 _____ () C:\Users\Chosen072\AppData\Local\QSwitch.txt
2008-03-04 11:30 - 2008-03-04 11:30 - 0000000 _____ () C:\Users\Chosen072\AppData\Local\rx_image.Cache
2013-08-28 05:04 - 2013-09-06 18:28 - 0000072 _____ () C:\Users\Chosen072\AppData\Local\slurlproxy.csv
2009-09-09 18:06 - 2009-09-09 18:06 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2007-08-04 21:43 - 2010-08-23 15:29 - 0009322 _____ () C:\ProgramData\hpzinstall.log
2008-04-09 20:37 - 2008-04-09 20:47 - 0014958 _____ () C:\ProgramData\LUUnInstall.LiveUpdate
2009-02-16 04:35 - 2015-02-20 16:50 - 0178663 _____ () C:\ProgramData\nvModes.001
2009-02-16 04:35 - 2015-02-20 16:50 - 0178663 _____ () C:\ProgramData\nvModes.dat

Some content of TEMP:
====================
C:\Users\Chosen072\AppData\Local\temp\Quarantine.exe
C:\Users\Chosen072\AppData\Local\temp\sqlite3.dll


Some zero byte size files/folders:
==========================
C:\Windows\System32\tcpmon.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-20 13:16

==================== End Of Log ============================

Addition Log

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-02-2015 01
Ran by Chosen072 at 2015-02-20 17:08:09
Running from C:\Users\Chosen072\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 2.1.5 - Hewlett-Packard) Hidden
ABBYY FineReader 9.0 Sprint (HKLM\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.15.58233 - ABBYY)
ABBYY FineReader 9.0 Sprint (Version: 9.00.15.58233 - ABBYY) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe Audition 3.0 (HKLM\...\Adobe Audition 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Color Common Settings (HKLM\...\Adobe_6c8e2cb4fd241c55406016127a6ab2e) (Version: 1.0.1 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit 2 (HKLM\...\Adobe_3e054d2218e7aa282c2369d939e58ff) (Version: 2.0.2 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Reader 8.2.5 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A82000000003}) (Version: 8.2.5 - Adobe Systems Incorporated)
AIO_Scan (Version: 90.0.222.000 - Hewlett-Packard) Hidden
Amazon Cloud Player (HKU\S-1-5-21-984307550-3928441585-2128114710-1000\...\Amazon Amazon Cloud Player) (Version: 2.4.0.26 - Amazon Services LLC)
Amazon Kindle (HKU\S-1-5-21-984307550-3928441585-2128114710-1000\...\Amazon Kindle) (Version:  - Amazon)
Amazon Music Importer (HKLM\...\com.amazon.music.uploader) (Version: 2.1.0 - Amazon Services LLC)
Amazon Music Importer (Version: 2.1.0 - Amazon Services LLC) Hidden
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (HKLM\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 90.0.146.000 - Hewlett-Packard) Hidden
C4200 (Version: 90.0.222.000 - Hewlett-Packard) Hidden
C4200_doccd (Version: 90.0.222.000 - Hewlett-Packard) Hidden
c4200_Help (Version: 90.0.222.000 - Hewlett-Packard) Hidden
Cards_Calendar_OrderGift_DoMorePlugout (Version: 2.03.0000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 2.36 - Piriform)
Citrix Online Launcher (HKLM\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.36.7.61 - Conexant)
Copy (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.1.3) (Version: 5.0.1.3 - Coupons.com Incorporated)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Destination Component (Version: 090.000.091.086 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 110.0.180.000 - Hewlett-Packard) Hidden
DNA (HKU\S-1-5-21-984307550-3928441585-2128114710-1000\...\BitTorrent DNA) (Version: 2.2.4 (16502) - BitTorrent Inc.)
DocProc (Version: 9.0.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
EPSON Connect version 1.0 (HKLM\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{10144CFE-D76C-4CFA-81A1-37A1642349A3}) (Version: 3.01.0013 - Seiko Epson Corporation)
Epson E-Web Print (HKLM\...\{CEC98C2A-9ED5-49DA-9F3A-92434E0A4FA3}) (Version: 1.19.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.30.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON WF-2540 Series Printer Uninstall (HKLM\...\EPSON WF-2540 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
ESU for Microsoft Vista (HKLM\...\{54F7A791-38DE-4439-AB3F-B3F7DDA89C75}) (Version: 2.0.5.1 - Hewlett-Packard)
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
FileZilla Client 3.5.3 (HKLM\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project)
Firebird 2.5.0.26074 (Win32) (HKLM\...\FBDBServer_2_5_is1) (Version: 2.5.0.26074 - Firebird Project)
Firestorm-Release (remove only) (HKLM\...\Firestorm-Release) (Version: 4.4.2.34167 - The Phoenix Firestorm Project, Inc.)
FlipShare (HKLM\...\{420DFB63-8AE7-F7D6-E4B4-AB6D140221F4}) (Version: 5.10.25.0 - Flip Video)
Free Audio CD Burner version 1.4.7 (HKLM\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Free Studio version 2014 (HKLM\...\Free Studio_is1) (Version: 6.2.4.1230 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.1.42.1212 (HKLM\...\Free YouTube Download_is1) (Version: 3.1.42.1212 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.37.1212 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.37.1212 - DVDVideoSoft Ltd.)
Google Drive (HKLM\...\{65EACBB4-B0B8-4A5B-AE46-22DBE15C70B5}) (Version: 1.19.8406.6504 - Google, Inc.)
Google Talk Plugin (HKLM\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GoToMeeting 6.0.0.1259 (HKU\S-1-5-21-984307550-3928441585-2128114710-1000\...\GoToMeeting) (Version: 6.0.0.1259 - CitrixOnline)
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version:  - )
HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}) (Version: 5.1.0.2278 - Hewlett-Packard)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.01.0005 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM\...\{40F7AED3-0C7D-4582-99F6-484A515C73F2}) (Version: 5.1.0.2279 - Hewlett-Packard)
HP Help and Support (HKLM\...\{0054A0F6-00C9-4498-B821-B5C9578F433E}) (Version: 2.1.3.0 - Hewlett-Packard Company)
HP Imaging Device Functions 9.0 (HKLM\...\HP Imaging Device Functions) (Version: 9.0 - HP)
HP OCR Software 9.0 (HKLM\...\HPOCR) (Version: 9.0 - HP)
HP Photosmart All-In-One Software 9.0 (HKLM\...\{B09BCBF6-87EE-4403-A336-3A9510856535}) (Version: 9.0 - HP)
HP Photosmart Essential 3.0 (HKLM\...\HP Photosmart Essential) (Version: 3.0 - HP)
HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 4.0.0011 - Hewlett-Packard Company)
HP Quick Launch Buttons (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.14.1 - Hewlett-Packard Company)
HP QuickPlay 3.6 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version:  - )
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 112.200.19110 - Hewlett-Packard)
HP Solution Center 9.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 9.0 - HP)
HP Total Care Advisor (HKLM\...\{F6B29003-A078-4491-AFBE-62EFB6CFFE19}) (Version: 1.1.19 - Hewlett-Packard)
HP Update (HKLM\...\{FE57DE70-95DE-4B64-9266-84DA811053DB}) (Version: 4.000.012.001 - Hewlett-Packard)
HP User Guides 0056 (HKLM\...\{5AB56552-6938-4686-9F87-DB0ED8D1E06B}) (Version: 1.02.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}) (Version: 3.00 H3 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
HPNetworkAssistant (HKLM\...\{228C6B46-64E2-404E-898A-EF0830603EF4}) (Version: 1.1.70 - Hewlett-Packard.)
HPPhotoSmartPhotobookWebPack1 (Version: 2.03.0000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 90.0.146.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}) (Version: 2.2.0.0000 - Hewlett Packard Development Company L.P.)
InstantShareDevicesMFC (Version: 90.0.146.000 - Hewlett-Packard) Hidden
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051F0}) (Version: 7.0.510 - Oracle)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.710 - Oracle)
Jing (HKLM\...\{22800204-9E53-45C7-B6F3-5BB0F1C1A147}) (Version: 2.8.13007.1 - TechSmith Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAME v3.98.2 for Audacity (HKLM\...\LAME for Audacity_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
LightScribe  1.6.43.1 (Version: 1.6.43.1 - http://www.lightscribe.com) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office XP Media Content (HKLM\...\{90300409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2619.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSCU for Microsoft Vista (HKLM\...\{F7F3B252-E772-48AA-93EB-7964BC326067}) (Version: 1.0.1.3 - Hewlett-Packard)
MSI to redistribute MS VS2005 CRT libraries (HKLM\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My HP Games (HKLM\...\WildTangent hplaptop Master Uninstall) (Version: HPLAP0503 - WildTangent)
MyFreeCodec (HKU\S-1-5-21-984307550-3928441585-2128114710-1000\...\MyFreeCodec) (Version:  - )
Nielsen (HKLM\...\NetSight) (Version:  - )
Notepad++ (HKLM\...\Notepad++) (Version: 5.6.4 - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{8AAB4176-A747-493A-A42C-B63CFADFD8E3}) (Version: 9.09.0010 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Outlook Setup Tool (HKLM\...\outlookset) (Version: 2.2.19 - Starfield Technologies)
[email protected] (HKLM\...\{CF594DB8-CFB0-45B4-86DA-8BB4AC0941F8}) (Version: 3.0.7.0 - Valassis)
PanoStandAlone (Version: 90.0.146.000 - Hewlett-Packard) Hidden
PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PS_AIO_ProductContext (Version: 90.0.222.000 - Hewlett-Packard) Hidden
PS_AIO_Software (Version: 90.0.222.000 - Hewlett-Packard) Hidden
PS_AIO_Software_min (Version: 90.0.222.000 - Hewlett-Packard) Hidden
PSSWCORE (Version: 2.03.0000 - Hewlett-Packard) Hidden
QLBCASL (Version: 6.40.17.2 - Hewlett-Packard) Hidden
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.4.0 - Roxio)
Roxio Creator Basic v9 (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.4.0 - Roxio)
Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.4.0 - Roxio)
Roxio Creator Data (HKLM\...\{0D397393-9B50-4c52-84D5-77E344289F87}) (Version: 3.4.0 - Roxio)
Roxio Creator EasyArchive (HKLM\...\{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}) (Version: 3.4.0 - Roxio)
Roxio Creator Tools (HKLM\...\{0394CDC8-FABD-4ed8-B104-03393876DFDF}) (Version: 3.4.0 - Roxio)
Roxio Express Labeler 3 (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 3.2.1 - Roxio)
Roxio MyDVD Basic v9 (HKLM\...\{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}) (Version: 9.0.551 - Roxio)
SAM Broadcaster v4 (HKLM\...\SAM3) (Version: v4 - Spacial Audio Solutions, LLC)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Scan (Version: 9.0.0.0 - Hewlett-Packard) Hidden
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
SmartAudio (HKLM\...\SmartAudio) (Version:  - Conexant)
Software Updater (HKLM\...\{6DFBE8A2-CDBF-453E-B34C-32F202FCEE4C}) (Version: 4.2.1 - SEIKO EPSON CORPORATION)
SolutionCenter (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Spelling Dictionaries Support For Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-5464-3428-800000000003}) (Version: 8.0.0 - Adobe Systems)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Status (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Toolbox (Version: 90.0.146.000 - Hewlett-Packard) Hidden
TrayApp (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version:  - )
UnloadSupport (Version: 9.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
UserTesting.com Recorder Plugin (HKU\S-1-5-21-984307550-3928441585-2128114710-1000\...\UserTestingPlugin) (Version:  - UserTesting.com)
VideoToolkit01 (Version: 110.0.171.000 - Hewlett-Packard) Hidden
VirtualDJ Broadcaster (HKLM\...\{7B5B18A3-9FF8-4387-91D6-D8DE78CFFE12}) (Version: 7.4 - Atomix Productions)
VLC media player 1.0.0 (HKLM\...\VLC media player) (Version: 1.0.0 - VideoLAN Team)
Vz In-Home Agent (HKLM\...\VzInHomeAgent) (Version: 9.0.62.0 - Verizon)
VzDownloadManager (HKU\S-1-5-21-984307550-3928441585-2128114710-1000\...\VzDownloadManager) (Version: 2.0.0.2 - Verizon)
WebReg (Version: 90.0.146.000 - Hewlett-Packard) Hidden
Winamp Toolbar for Firefox (HKLM\...\Winamp Toolbar for Firefox) (Version: 5.5.1.1 - AOL LLC) <==== ATTENTION
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
WONswap (HKLM\...\WONswap) (Version:  - )
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-984307550-3928441585-2128114710-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Chosen072\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-984307550-3928441585-2128114710-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Chosen072\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-984307550-3928441585-2128114710-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Chosen072\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-984307550-3928441585-2128114710-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Chosen072\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-984307550-3928441585-2128114710-1000_Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-984307550-3928441585-2128114710-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Chosen072\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-984307550-3928441585-2128114710-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\1259\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-984307550-3928441585-2128114710-1000_Classes\CLSID\{9788FDD8-F21B-E1F2-1C9D-2A2380EFCB96}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-984307550-3928441585-2128114710-1000_Classes\CLSID\{a3c6dafc-e193-42fc-adca-5316b5d6d653}\InprocServer32 -> C:\Users\Chosen072\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
CustomCLSID: HKU\S-1-5-21-984307550-3928441585-2128114710-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Chosen072\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-984307550-3928441585-2128114710-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Chosen072\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-984307550-3928441585-2128114710-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Chosen072\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-984307550-3928441585-2128114710-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Chosen072\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-984307550-3928441585-2128114710-1000_Classes\CLSID\{C4987136-80E4-92F6-FBB6-EF5BE1F6A7AC}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-984307550-3928441585-2128114710-1000_Classes\CLSID\{C770960D-95BA-0951-C453-F60C40266C3F}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-984307550-3928441585-2128114710-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Chosen072\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-984307550-3928441585-2128114710-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Chosen072\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-984307550-3928441585-2128114710-1000_Classes\CLSID\{FD8C4664-A2D4-97EC-185D-875E454333FE}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)

==================== Restore Points  =========================

09-02-2015 11:32:14 Installed SmartApp
10-02-2015 14:18:42 Windows Update
13-02-2015 11:56:32 Windows Update
16-02-2015 08:28:02 Windows Update
18-02-2015 09:09:12 Windows Update
19-02-2015 00:31:38 Scheduled Checkpoint
19-02-2015 03:00:18 Windows Update
20-02-2015 13:50:41 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-05-15 06:01 - 2015-02-19 13:50 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0D69FE1A-7FE4-4084-B6C4-8A880FD6DD88} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-08] (Google Inc.)
Task: {0E95231E-B288-4292-B9AF-4C23FD2C36B5} - System32\Tasks\{0F095141-D75E-459B-95EF-83942A1842A7} => pcalua.exe -a "C:\Users\Chosen072\Downloads\Atomix Virtual DJ Pro 6.0\setup.exe" -d "C:\Users\Chosen072\Downloads\Atomix Virtual DJ Pro 6.0"
Task: {103839E0-F72B-40F3-BE9D-F7C1D8C74359} - System32\Tasks\{C1C84823-A1BE-4D7C-ABEF-A2B3DB42B587} => pcalua.exe -a C:\Users\Chosen072\Desktop\nhcMediaPlugin-Installer.exe -d C:\Users\Chosen072\Desktop
Task: {19924BC8-9B82-4DCA-A520-92D34DD1E1EC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-984307550-3928441585-2128114710-1000Core => C:\Users\Chosen072\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-09] (Google Inc.)
Task: {21E9C09A-9845-4BCC-A42A-8AB664FB4B6C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-984307550-3928441585-2128114710-1000UA => C:\Users\Chosen072\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-09] (Google Inc.)
Task: {25EBCBB4-13FF-445F-BB52-9150E8AB4BF7} - System32\Tasks\Orb Startup => C:\Program Files\Winamp Remote\bin\orbtray.exe
Task: {262F7EEB-F90A-46FD-B879-9BEB74B3B240} - System32\Tasks\{4CB04913-6768-4B55-853E-483C56B0C44A} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{3E31400D-274E-4647-916C-2CACC3741799}\ENPSETUP.EXE" -c -runfromtemp -l0x0409  -EPSON -removeonly
Task: {31B09CCC-3C11-45CE-9441-A8C36675378A} - System32\Tasks\HPCeeScheduleForChosen072 => C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe [2007-03-23] (Hewlett-Packard)
Task: {5407EF90-BAB3-4641-AE1A-D1AE4CE373B5} - System32\Tasks\{D31CDB85-45EA-4195-B85F-24D53EFCF352} => pcalua.exe -a C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FINSLAE.EXE -c /R /APD /P:"EPSON XP-410 Series"
Task: {64EB0D92-F8E5-4DE8-81AD-02663C7D48FA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-18UA => C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-07] (Google Inc.)
Task: {6C1B7075-3A3F-453B-A627-4A541EAAF93D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-18Core => C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-07] (Google Inc.)
Task: {73FF8D59-71EF-42E8-911C-28ED6D93F4E3} - System32\Tasks\Amazon Music Helper => C:\Users\Chosen072\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [2014-03-07] ()
Task: {76CE62FC-1A5E-491E-B8F4-8A01802D2497} - System32\Tasks\{75091578-6EEE-4D06-80B4-E4A4EA88331A} => pcalua.exe -a "C:\Users\Chosen072\Downloads\Sam Broadcaster 4 3 6 Full [h33t] [JollyRoger]\Setup\Upgrade.exe" -d "C:\Users\Chosen072\Downloads\Sam Broadcaster 4 3 6 Full [h33t] [JollyRoger]\Setup"
Task: {7D039164-45DE-45A8-B647-7C775B204249} - System32\Tasks\{4646508B-6CF3-467B-8A67-668603E8EACE} => pcalua.exe -a "C:\Program Files\Microsoft Security Client\Setup.exe" -c /x
Task: {892316F1-417C-4415-83D3-4BED2628D477} - System32\Tasks\{08161B7B-10F7-4E5E-9D3D-377428172A7F} => pcalua.exe -a "C:\Program Files\Winamp\UninstWA.exe"
Task: {99B280BC-9BBB-462F-86CB-5277DEAF5011} - System32\Tasks\{C592BDA9-58CF-4BDB-A257-16CF988FE9AC} => C:\Program Files\Skype\Phone\Skype.exe [2014-07-02] (Skype Technologies S.A.)
Task: {A5269446-4CA6-4658-84FF-D8DE6CF2C672} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Chosen072 => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {AFB1E514-54AF-48F3-98E4-DDE9BF4C7DB9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {BEB06856-A3C2-41A9-8983-C5F5ECC2B04F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-08] (Google Inc.)
Task: {C088B117-39A1-4FE8-99AF-59994133FE43} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
Task: {E2F5049F-8B3E-47F1-B202-04A219DD3D09} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {FC5CA52D-3277-4BFC-920D-3C075DC5309A} - System32\Tasks\{5B3EB5CC-A5FD-4FFC-8C96-F6DEAAFB0F89} => Iexplore.exe http://ui.skype.com/...fered-installed

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job => C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job => C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-984307550-3928441585-2128114710-1000Core.job => C:\Users\Chosen072\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-984307550-3928441585-2128114710-1000UA.job => C:\Users\Chosen072\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForChosen072.job => C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) ==============

2011-09-27 06:23 - 2011-09-27 06:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 06:22 - 2011-09-27 06:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-12-15 12:31 - 2010-12-15 12:31 - 00460144 _____ () C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
2010-10-25 22:06 - 2010-10-25 22:06 - 02248704 _____ () C:\Program Files\Flip Video\FlipShare\QtCore4.dll
2010-12-15 12:31 - 2010-12-15 12:31 - 04300800 _____ () C:\Program Files\Flip Video\FlipShare\Core.dll
2010-12-15 12:26 - 2010-12-15 12:26 - 00737280 _____ () C:\Program Files\Flip Video\FlipShare\qca2.dll
2010-10-25 22:23 - 2010-10-25 22:23 - 08351744 _____ () C:\Program Files\Flip Video\FlipShare\QtGui4.dll
2010-10-25 22:08 - 2010-10-25 22:08 - 00983040 _____ () C:\Program Files\Flip Video\FlipShare\QtNetwork4.dll
2010-10-25 22:23 - 2010-10-25 22:23 - 00204800 _____ () C:\Program Files\Flip Video\FlipShare\QtSql4.dll
2010-10-25 22:06 - 2010-10-25 22:06 - 00364544 _____ () C:\Program Files\Flip Video\FlipShare\QtXml4.dll
2010-10-26 06:34 - 2010-10-26 06:34 - 11853824 _____ () C:\Program Files\Flip Video\FlipShare\QtWebKit4.dll
2010-10-25 22:37 - 2010-10-25 22:37 - 00258048 _____ () C:\Program Files\Flip Video\FlipShare\phonon4.dll
2010-05-20 11:49 - 2010-05-20 11:49 - 00258048 _____ () C:\Program Files\Flip Video\FlipShare\boost_serialization-vc80-mt-1_43.dll
2010-05-17 07:47 - 2010-05-17 07:47 - 01199104 _____ () C:\Program Files\Flip Video\FlipShare\PocoFoundation.dll
2010-05-17 07:47 - 2010-05-17 07:47 - 00642048 _____ () C:\Program Files\Flip Video\FlipShare\PocoNet.dll
2010-05-17 07:47 - 2010-05-17 07:47 - 00511488 _____ () C:\Program Files\Flip Video\FlipShare\PocoXML.dll
2010-12-15 12:22 - 2010-12-15 12:22 - 01085440 _____ () C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe
2010-10-25 22:06 - 2010-10-25 22:06 - 02248704 _____ () C:\Program Files\Flip Video\FlipShareServer\QtCore4.dll
2010-10-25 22:08 - 2010-10-25 22:08 - 00983040 _____ () C:\Program Files\Flip Video\FlipShareServer\QtNetwork4.dll
2010-10-25 22:23 - 2010-10-25 22:23 - 00204800 _____ () C:\Program Files\Flip Video\FlipShareServer\QtSql4.dll
2010-05-20 11:49 - 2010-05-20 11:49 - 00258048 _____ () C:\Program Files\Flip Video\FlipShareServer\boost_serialization-vc80-mt-1_43.dll
2010-05-17 07:47 - 2010-05-17 07:47 - 01199104 _____ () C:\Program Files\Flip Video\FlipShareServer\PocoFoundation.dll
2010-05-17 07:47 - 2010-05-17 07:47 - 00642048 _____ () C:\Program Files\Flip Video\FlipShareServer\PocoNet.dll
2010-05-17 07:47 - 2010-05-17 07:47 - 00175616 _____ () C:\Program Files\Flip Video\FlipShareServer\PocoNetSSL.dll
2010-05-17 07:47 - 2010-05-17 07:47 - 00291840 _____ () C:\Program Files\Flip Video\FlipShareServer\PocoUtil.dll
2010-05-17 07:47 - 2010-05-17 07:47 - 00511488 _____ () C:\Program Files\Flip Video\FlipShareServer\PocoXML.dll
2010-05-17 07:47 - 2010-05-17 07:47 - 00110592 _____ () C:\Program Files\Flip Video\FlipShareServer\PocoCrypto.dll
2010-03-06 17:10 - 2007-12-19 19:28 - 00271760 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
2010-03-06 17:10 - 2007-12-19 19:28 - 00251288 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
2010-03-06 17:10 - 2007-12-19 19:28 - 00038184 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll
2010-03-06 17:10 - 2007-12-19 19:28 - 00112016 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
2010-03-06 17:10 - 2007-12-19 19:28 - 00120208 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll
2010-03-06 17:10 - 2007-12-19 19:28 - 00345384 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll
2014-02-09 21:25 - 2014-03-07 15:39 - 03168576 _____ () C:\Users\Chosen072\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2015-02-20 09:36 - 2015-01-16 09:34 - 00505344 _____ () C:\Program Files\NetRatingsNetSight\NetSight\meter2\communication.dll
2015-01-22 12:28 - 2015-01-16 09:40 - 00504832 _____ () C:\Program Files\NetRatingsNetSight\NetSight\nsmmc.dll
2012-01-08 08:41 - 2012-01-08 08:41 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2008-06-20 00:45 - 2008-06-19 23:42 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
2009-11-03 19:14 - 2009-11-03 19:14 - 00054272 _____ () C:\Program Files\Notepad++\NppShell_01.dll
2014-10-16 03:01 - 2014-10-16 03:01 - 00186368 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Commonc65c5a95#\05139c8c59a94faa7592e7d20a46d2c3\Kies.Common.DeviceServiceLib.Interface.ni.dll
2014-10-16 03:03 - 2014-10-16 03:03 - 14971904 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\6af4e6849c5245d553c7f3ad01d0a01c\Kies.Theme.ni.dll
2014-10-16 03:01 - 2014-10-16 03:01 - 01842688 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\68d88b510a9cf63ee392b2f8723d4e2e\Kies.UI.ni.dll
2014-10-16 03:01 - 2014-10-16 03:01 - 00081920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\781622d2d2f65de56982ebb61ee0eab2\Kies.MVVM.ni.dll
2014-10-16 03:02 - 2014-10-16 03:02 - 00236032 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\6815ff93472d008087880a6462931188\ASF_cSharpAPI.ni.dll
2010-03-06 17:09 - 2007-12-19 19:27 - 00066856 _____ () C:\Program Files\HP\QuickPlay\Kernel\Common\MCEMediaStatus.dll
2015-02-20 09:36 - 2015-01-16 09:35 - 00595968 _____ () C:\Program Files\NetRatingsNetSight\NetSight\meter2\npchromeinstaller.dll
2015-02-20 09:36 - 2015-01-16 09:35 - 00851968 _____ () C:\Program Files\NetRatingsNetSight\NetSight\meter2\npfirefoxprocessor.dll
2015-02-20 09:36 - 2015-01-16 09:37 - 00150528 _____ () C:\Program Files\NetRatingsNetSight\NetSight\meter2\npsp1.dll
2015-02-20 09:36 - 2015-01-16 09:34 - 00228864 _____ () C:\Program Files\NetRatingsNetSight\NetSight\meter2\npsurvey.dll
2015-02-20 09:36 - 2015-01-16 09:34 - 00224768 _____ () C:\Program Files\NetRatingsNetSight\NetSight\meter2\npwmi.dll
2009-07-01 14:44 - 2009-07-01 14:44 - 00632888 _____ () C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
2015-02-20 15:01 - 2015-02-20 15:01 - 00098816 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\win32api.pyd
2015-02-20 15:02 - 2015-02-20 15:02 - 00110080 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\pywintypes27.dll
2015-02-20 15:01 - 2015-02-20 15:01 - 00364544 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\pythoncom27.dll
2015-02-20 15:01 - 2015-02-20 15:01 - 00045568 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\_socket.pyd
2015-02-20 15:02 - 2015-02-20 15:02 - 01160704 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\_ssl.pyd
2015-02-20 15:01 - 2015-02-20 15:01 - 00320512 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\win32com.shell.shell.pyd
2015-02-20 15:02 - 2015-02-20 15:02 - 00713216 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\_hashlib.pyd
2015-02-20 15:01 - 2015-02-20 15:01 - 01175040 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\wx._core_.pyd
2015-02-20 15:02 - 2015-02-20 15:02 - 00805888 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\wx._gdi_.pyd
2015-02-20 15:02 - 2015-02-20 15:02 - 00811008 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\wx._windows_.pyd
2015-02-20 15:02 - 2015-02-20 15:02 - 01062400 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\wx._controls_.pyd
2015-02-20 15:01 - 2015-02-20 15:01 - 00735232 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\wx._misc_.pyd
2015-02-20 15:01 - 2015-02-20 15:01 - 00557056 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\pysqlite2._sqlite.pyd
2015-02-20 15:01 - 2015-02-20 15:01 - 00128512 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\_elementtree.pyd
2015-02-20 15:02 - 2015-02-20 15:02 - 00127488 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\pyexpat.pyd
2015-02-20 15:01 - 2015-02-20 15:01 - 00087552 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\_ctypes.pyd
2015-02-20 15:01 - 2015-02-20 15:02 - 00119808 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\win32file.pyd
2015-02-20 15:02 - 2015-02-20 15:02 - 00108544 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\win32security.pyd
2015-02-20 15:02 - 2015-02-20 15:02 - 00007168 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\hashobjs_ext.pyd
2015-02-20 15:01 - 2015-02-20 15:01 - 00167936 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\win32gui.pyd
2015-02-20 15:02 - 2015-02-20 15:02 - 00018432 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\win32event.pyd
2015-02-20 15:02 - 2015-02-20 15:02 - 00038912 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\win32inet.pyd
2015-02-20 15:01 - 2015-02-20 15:01 - 00011264 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\win32crypt.pyd
2015-02-20 15:01 - 2015-02-20 15:01 - 00070656 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\wx._html2.pyd
2015-02-20 15:02 - 2015-02-20 15:02 - 00027136 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\_multiprocessing.pyd
2015-02-20 15:01 - 2015-02-20 15:01 - 00035840 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\win32process.pyd
2015-02-20 15:02 - 2015-02-20 15:02 - 00686080 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\unicodedata.pyd
2015-02-20 15:01 - 2015-02-20 15:01 - 00122368 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\wx._wizard.pyd
2015-02-20 15:02 - 2015-02-20 15:02 - 00024064 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\win32pipe.pyd
2015-02-20 15:02 - 2015-02-20 15:02 - 00025600 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\win32pdh.pyd
2015-02-20 15:01 - 2015-02-20 15:01 - 00525640 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\windows._lib_cacheinvalidation.pyd
2015-02-20 15:02 - 2015-02-20 15:02 - 00010240 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\select.pyd
2015-02-20 15:02 - 2015-02-20 15:02 - 00017408 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\win32profile.pyd
2015-02-20 15:01 - 2015-02-20 15:01 - 00022528 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\win32ts.pyd
2015-02-20 15:01 - 2015-02-20 15:01 - 00078336 _____ () C:\Users\Chosen072\AppData\Local\temp\_MEI28482\wx._animate.pyd

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-984307550-3928441585-2128114710-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Chosen072\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: YahooAUService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Chosen072^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Chosen072^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BitTorrent DNA => "C:\Users\Chosen072\Program Files\DNA\btdna.exe"
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HP Health Check Scheduler => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HPAdvisor => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
MSCONFIG\startupreg: hpqSRMon => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: Jing => C:\Program Files\TechSmith\Jing\Jing.exe
MSCONFIG\startupreg: LifeCam => "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: Mobile Connectivity Suite => "C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions
MSCONFIG\startupreg: QPService => "C:\Program Files\HP\QuickPlay\QPService.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: VX1000 => C:\Windows\vVX1000.exe
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide

==================== Accounts: =============================

Administrator (S-1-5-21-984307550-3928441585-2128114710-500 - Administrator - Disabled)
Chosen072 (S-1-5-21-984307550-3928441585-2128114710-1000 - Administrator - Enabled) => C:\Users\Chosen072
Guest (S-1-5-21-984307550-3928441585-2128114710-501 - Limited - Disabled) => C:\Users\Guest

==================== Faulty Device Manager Devices =============

Name: Microsoft ISATAP Adapter #7
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/20/2015 00:36:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 35.0.1.5500, time stamp 0x54c1f9f3, faulting module mozalloc.dll, version 35.0.1.5500, time stamp 0x54c1f224, exception code 0x80000003, fault offset 0x00001425,
process id 0x1008, application start time 0xplugin-container.exe0.

Error: (02/20/2015 00:36:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 35.0.1.5500, time stamp 0x54c1f9f3, faulting module mozalloc.dll, version 35.0.1.5500, time stamp 0x54c1f224, exception code 0x80000003, fault offset 0x00001425,
process id 0x1594, application start time 0xplugin-container.exe0.

Error: (02/20/2015 10:14:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 35.0.1.5500, time stamp 0x54c1f9f3, faulting module mozalloc.dll, version 35.0.1.5500, time stamp 0x54c1f224, exception code 0x80000003, fault offset 0x00001425,
process id 0xbd0, application start time 0xplugin-container.exe0.

Error: (02/20/2015 10:10:02 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\CHOSEN072\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\7YV1SACE> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (02/20/2015 10:10:02 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\CHOSEN072\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\X27LYT81> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (02/20/2015 10:10:01 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\CHOSEN072\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\LOW\CONTENT.IE5\EWA747JZ> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (02/20/2015 10:08:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application plugin-container.exe, version 35.0.1.5500, time stamp 0x54c1f9f3, faulting module mozalloc.dll, version 35.0.1.5500, time stamp 0x54c1f224, exception code 0x80000003, fault offset 0x00001425,
process id 0x1690, application start time 0xplugin-container.exe0.

Error: (02/20/2015 06:46:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12527

Error: (02/20/2015 06:29:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12527

Error: (02/20/2015 06:29:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (02/20/2015 01:02:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: cdrom

Error: (02/20/2015 01:02:51 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (02/20/2015 01:01:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Ricoh xD-Picture Card Driver%%1058

Error: (02/20/2015 01:01:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: rimsptsk%%1058

Error: (02/20/2015 01:01:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: rimmptsk%%1058

Error: (02/20/2015 01:01:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (02/20/2015 09:50:47 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExWFailureCommand%%5

Error: (02/20/2015 09:32:07 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExWStart%%5

Error: (02/20/2015 09:26:19 AM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

    Feature: %%886

    Error Code: 0x80070005

    Error description: Access is denied.

    Reason: %%892

Error: (02/20/2015 09:26:17 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExWStart%%5


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2015-02-20 17:07:44.502
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-20 17:07:43.566
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-20 17:07:42.615
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-20 17:07:41.663
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-20 17:07:40.056
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-20 17:07:39.120
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-20 17:07:38.169
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-20 17:07:37.155
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-20 11:45:02.034
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-20 11:45:01.065
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD Turion™ 64 X2 Mobile Technology TL-58
Percentage of memory in use: 54%
Total physical RAM: 1982.18 MB
Available physical RAM: 893.2 MB
Total Pagefile: 4206.79 MB
Available Pagefile: 2954.59 MB
Total Virtual: 2047.88 MB
Available Virtual: 1890.47 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:103.38 GB) (Free:5.64 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:111.79 GB) (Free:11.78 GB) NTFS
Drive e: (HP_RECOVERY) (Fixed) (Total:8.41 GB) (Free:1.35 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 1F29DFAF)
Partition 1: (Active) - (Size=103.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=8.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 111.8 GB) (Disk ID: C583B4DC)
Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0

#18
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

FRST saw some Zero Access on the previous scan so let's run Combofix to make sure it is gone.

 

ComboFix
 
:!: It must be saved to your desktop. Do not run it from your browser. :!:
 
:!: Disable your Antivirus software when downloading or running Combofix. If it has Script Blocking features, please disable these as well.  See: http://www.bleepingc...opic114351.html
 
:!: Turn off your screen saver so you can see what is going on
 
Download and Save this file --  to your Desktop -- from either of these two sources:
 
Right-click on ComboFix and select Run As Administrator to start the program.
 
 
 
    * :!: Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.
    
    
    * A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.  
 
Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.
You should get a log when it finishes.  If not, this may mean you have the new version of Zero Access malware, so run Combofix a second time.
If you still don't get a log, search for Combofix.txt.  It is usually at => C:\Combofix\Combofix.txt. I'll need to see that in your reply.
If you get an error about a registry value when you try to run a program, then just reboot to clear it.

  • 0

#19
chosen072

chosen072

    Member

  • Topic Starter
  • Member
  • PipPip
  • 88 posts

I'm not sure how to pause MSE because I uninstalled it, but it's still active


  • 0

#20
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

Go ahead and run Combofix (right click and run as admin).  It will probably work anyway.


  • 0

#21
chosen072

chosen072

    Member

  • Topic Starter
  • Member
  • PipPip
  • 88 posts

It got to preparing report but no report was prepared after 30 minutes


  • 0

#22
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

Did it ever finish or did you have to reboot it?  

 

If you don't get a log, search for Combofix.txt.  It is usually at => C:\Combofix\Combofix.txt. I'll need to see that in your reply.


  • 0

#23
chosen072

chosen072

    Member

  • Topic Starter
  • Member
  • PipPip
  • 88 posts

found it

 

ComboFix 15-02-16.01 - Chosen072 02/20/2015  21:16:35.10.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.1982.866 [GMT -5:00]
Running from: C:\Users\Chosen072\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))


---- Previous Run -------

C:\Users\Chosen072\AppData\Local\Adobe\downloader.dll


(((((((((((((((((((((((((   Files Created from 2015-01-21 to 2015-02-21  )))))))))))))))))))))))))))))))


2015-02-21 02:37:51 . 2015-02-21 02:37:51    --------    d-----w-    C:\Windows\system32\config\systemprofile\AppData\Local\temp
2015-02-21 02:37:51 . 2015-02-21 02:37:51    --------    d-----w-    C:\Users\Public\AppData\Local\temp
2015-02-21 02:37:51 . 2015-02-21 02:37:51    --------    d-----w-    C:\Users\Guest\AppData\Local\temp
2015-02-21 02:37:51 . 2015-02-21 02:37:51    --------    d-----w-    C:\Users\Default\AppData\Local\temp
2015-02-21 02:10:46 . 2015-02-21 02:10:46    39464    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E5EF079C-BCDE-47E1-B5BC-8542C7BD9B81}\MpKsl27bda6f3.sys
2015-02-21 01:14:06 . 2015-01-29 09:49:45    9041640    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E5EF079C-BCDE-47E1-B5BC-8542C7BD9B81}\mpengine.dll
2015-02-20 09:08:13 . 2015-02-20 22:09:16    --------    d-----w-    C:\FRST
2015-02-19 21:34:24 . 2015-01-29 09:49:45    9041640    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-02-19 21:34:12 . 2015-02-19 22:04:41    --------    d-----w-    C:\AdwCleaner
2015-02-17 21:20:16 . 2015-02-19 03:19:35    114904    ----a-w-    C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-02-17 21:19:20 . 2014-11-21 11:14:10    75480    ----a-w-    C:\Windows\system32\drivers\mbamchameleon.sys
2015-02-17 21:19:19 . 2015-02-17 21:19:41    --------    d-----w-    C:\Program Files\Malwarebytes Anti-Malware
2015-02-17 21:19:19 . 2014-11-21 11:14:16    51928    ----a-w-    C:\Windows\system32\drivers\mwac.sys
2015-02-17 21:03:27 . 2015-02-17 21:03:30    --------    d-----w-    C:\ProgramData\Unchecky
2015-02-17 15:49:38 . 2015-01-23 03:00:27    1810944    ----a-w-    C:\Windows\system32\jscript9.dll
2015-02-13 17:34:48 . 2014-11-26 02:05:50    564224    ----a-w-    C:\Windows\system32\oleaut32.dll
2015-02-13 17:33:08 . 2015-01-09 00:20:49    2063360    ----a-w-    C:\Windows\system32\win32k.sys
2015-02-13 17:31:42 . 2015-01-13 01:39:22    974848    ----a-w-    C:\Windows\system32\WindowsCodecs.dll
2015-02-13 17:19:09 . 2015-01-15 04:13:11    440760    ----a-w-    C:\Windows\system32\drivers\ksecdd.sys
2015-02-13 17:12:57 . 2014-12-08 01:59:34    306176    ----a-w-    C:\Windows\system32\scesrv.dll
2015-02-12 14:43:28 . 2014-10-09 01:09:30    908840    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BCC06DE-BEC7-4805-9F34-AAF58E1A0FF3}\gapaengine.dll
2015-02-12 14:20:59 . 2015-01-14 01:41:09    142848    ----a-w-    C:\Windows\system32\ieUnatt.exe
2015-01-22 17:28:13 . 2015-01-22 17:28:13    --------    d-----w-    C:\Program Files\NetRatingsNetSight
.


((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

2015-02-04 20:49:27 . 2012-04-12 12:11:25    701616    ----a-w-    C:\Windows\system32\FlashPlayerApp.exe
2015-02-04 20:49:26 . 2012-02-21 13:38:16    71344    ----a-w-    C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-31 11:13:47 . 2009-11-13 20:44:21    249488    ------w-    C:\Windows\system32\MpSigStub.exe
2014-12-19 00:25:17 . 2015-01-14 10:02:00    115200    ----a-w-    C:\Windows\system32\drivers\mrxdav.sys
2014-12-06 03:14:51 . 2015-01-14 09:06:33    153600    ----a-w-    C:\Windows\system32\profsvc.dll
2014-12-06 03:14:36 . 2015-01-14 09:09:58    174080    ----a-w-    C:\Windows\system32\nlasvc.dll
2014-12-06 03:14:36 . 2015-01-14 09:09:57    48640    ----a-w-    C:\Windows\system32\nlaapi.dll
2014-12-06 03:14:34 . 2015-01-14 09:09:58    93184    ----a-w-    C:\Windows\system32\ncsi.dll
2014-12-03 02:06:01 . 2014-12-11 08:08:08    278528    ----a-w-    C:\Windows\system32\schannel.dll


(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2015-01-15 21:59:34    577864    ----a-w-    C:\Program Files\Google\Drive\googledrivesync32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-01-15 21:59:34    577864    ----a-w-    C:\Program Files\Google\Drive\googledrivesync32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-01-15 21:59:34    577864    ----a-w-    C:\Program Files\Google\Drive\googledrivesync32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2015-01-15 21:59:34    577864    ----a-w-    C:\Program Files\Google\Drive\googledrivesync32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2015-01-15 21:59:34    577864    ----a-w-    C:\Program Files\Google\Drive\googledrivesync32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2015-01-15 21:59:34    577864    ----a-w-    C:\Program Files\Google\Drive\googledrivesync32.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2009-04-11 06:28:03 1233920]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 07:33:09 125952]
"GoogleDriveSync"="C:\Program Files\Google\Drive\googledrivesync.exe" [2015-01-15 21:59:32 23308256]
"KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe" [2013-11-06 15:55:38 1564528]
"KiesAirMessage"="C:\Program Files\Samsung\Kies\KiesAirMessage.exe" [BU]
"Amazon Cloud Player"="C:\Users\Chosen072\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe" [2014-03-07 20:39:48 3168576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2011-10-14 08:36:24 2299176]
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-10-03 20:15:40 480560]
"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe" [2015-01-30 06:53:04 978520]
"QlbCtrl.exe"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2010-01-11 20:57:42 349240]
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 23:51:06 59720]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2009-01-30 13:12:00 13605408]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2009-01-30 13:12:00 92704]
"KiesTrayAgent"="C:\Program Files\Samsung\Kies\KiesTrayAgent.exe" [2013-11-06 15:55:40 311152]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2013-05-01 08:59:04 421888]
"EEventManager"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe" [2012-07-31 16:16:30 1057920]
"FUFAXRCV"="C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe" [2012-02-29 21:47:30 502912]
"FUFAXSTM"="C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe" [2012-02-29 21:47:32 863360]
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2014-09-26 23:19:22 271744]
"NielsenOnline"="C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe" [2015-01-16 14:41:38 91872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="C:\Windows\SMINST\launcher.exe" [2006-11-08 00:39:18 44128]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-04-19 20:26:52 484904]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^Chosen072^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=C:\Users\Chosen072\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=C:\Windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Chosen072^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=C:\Users\Chosen072\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 18:37:40    932288    ----a-w-    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-24 09:15:10    40368    ----a-w-    C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-09-13 23:51:06    59720    ----a-w-    C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
2009-11-12 23:45:16    323392    ----a-w-    C:\Users\Chosen072\Program Files\DNA\btdna.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 23:36:46    30040    ----a-w-    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
2008-10-09 12:58:56    75008    ----a-w-    c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-03-12 02:34:40    49152    ----a-w-    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPAdvisor]
2007-03-20 22:23:40    1773568    ----a-w-    C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2008-06-02 07:28:22    81920    ----a-w-    C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jing]
2013-01-07 19:56:16    2909640    ----a-w-    C:\Program Files\TechSmith\Jing\Jing.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
C:\Program Files\Microsoft LifeCam\LifeExp.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mobile Connectivity Suite]
C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2007-12-20 00:27:50    468264    ----a-w-    C:\Program Files\HP\QuickPlay\QPService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2013-05-01 08:59:04    421888    ----a-w-    C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-01-26 19:31:16    2144088    --sha-r-    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2014-09-26 23:19:22    271744    ----a-w-    C:\Program Files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000]
2009-06-26 21:21:00    757248    ----a-w-    C:\WINDOWS\vVX1000.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-19 07:38:38    1008184    ----a-w-    C:\Program Files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-18]
"EnableNotifications\\Ref"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-984307550-3928441585-2128114710-1000]
"EnableNotifications\\Ref"=dword:00000001

S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 23:07:14 759048]


--- Other Services/Drivers In Memory ---

*NewlyCreated* - MPKSL27BDA6F3

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt    REG_MULTI_SZ       hpqcxs08 hpqddsvc
HPZ12    REG_MULTI_SZ       Pml Driver HPZ12 Net Driver HPZ12
LocalServiceAndNoImpersonation    REG_MULTI_SZ       FontCache
bthsvcs    REG_MULTI_SZ       BthServ

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-04-19 20:23:04    452136    ----a-w-    C:\Program Files\Common Files\LightScribe\LSRunOnce.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2012-02-15 14:27:14    114176    ----a-w-    C:\WINDOWS\System32\advpack.dll

Contents of the 'Scheduled Tasks' folder

2015-02-21 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 12:11:25 . 2015-02-04 20:49:27]

2015-02-05 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-08 15:50:26 . 2013-02-08 15:50:15]

2015-02-21 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-08 15:50:26 . 2013-02-08 15:50:15]

2015-02-19 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job
- C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-08 04:00:39 . 2014-02-08 04:00:32]

2015-02-21 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job
- C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-08 04:00:39 . 2014-02-08 04:00:32]

2015-02-20 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-984307550-3928441585-2128114710-1000Core.job
- C:\Users\Chosen072\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-09 15:22:05 . 2012-04-09 15:21:57]

2015-02-21 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-984307550-3928441585-2128114710-1000UA.job
- C:\Users\Chosen072\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-09 15:22:05 . 2012-04-09 15:21:57]

2015-02-20 C:\Windows\Tasks\HPCeeScheduleForChosen072.job
- C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe [2007-08-05 01:49:31 . 2007-03-23 21:23:24]
 


  • 0

#24
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

Doesn't look like it found anything.  I would take Spybot out of msconfig.  Then have Spybot undo any immunizing it may have done and then uninstall it.  It does weird things to the registry and the garbage it puts in your hosts file can slow a Win 7 down considerably.

 

We need to try and fix your winsock stack.  There is one that is wrong.  First uninstall Bonjour.  This is an Apple program.  You will get a new one next time you update Apple software.  Then copy the next line:

 

netsh winsock reset catalog
Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter.  Close the command window.  Reboot and then run a FRST scan again.
 
 

  • 0

#25
chosen072

chosen072

    Member

  • Topic Starter
  • Member
  • PipPip
  • 88 posts

I removed Bonjour, completed the winsock fix and ran the scan again

 

The log is below

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-02-2015 01
Ran by Chosen072 (administrator) on ROBINS-LT on 21-02-2015 16:31:21
Running from C:\Users\Chosen072\Desktop
Loaded Profiles: Chosen072 (Available profiles: Chosen072 & Guest)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\WINDOWS\System32\escsvc.exe
(Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe
() C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
() C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(The Nielsen Company) C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe
() C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\WINDOWS\System32\drivers\XAudio.exe
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
(Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe
() C:\Users\Chosen072\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\WINDOWS\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\Kies\KiesTrayAgent.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\FAX Utility\FUFAXSTM.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(The Nielsen Company) C:\Program Files\NetRatingsNetSight\NetSight\nielsenonline.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Samsung) C:\Program Files\SAMSUNG\Kies\Kies.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(The Nielsen Company) C:\Program Files\NetRatingsNetSight\NetSight\nielsenonline.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\WINDOWS\System32\wbem\WMIADAP.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [480560 2007-10-03] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [349240 2010-01-11] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1057920 2012-07-31] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [FUFAXRCV] => C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe [502912 2012-02-29] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [FUFAXSTM] => C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe [863360 2012-02-29] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [NielsenOnline] => C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe [91872 2015-01-16] (The Nielsen Company)
HKLM\...\RunOnce: [Launcher] => C:\Windows\SMINST\launcher.exe [44128 2006-11-07] (soft thinks)
HKU\S-1-5-21-984307550-3928441585-2128114710-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-984307550-3928441585-2128114710-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [23308256 2015-01-15] (Google)
HKU\S-1-5-21-984307550-3928441585-2128114710-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung)
HKU\S-1-5-21-984307550-3928441585-2128114710-1000\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-984307550-3928441585-2128114710-1000\...\Run: [Amazon Cloud Player] => C:\Users\Chosen072\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] ()
HKU\S-1-5-18\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [484904 2007-04-19] (Hewlett-Packard Company)
HKU\S-1-5-18\...\Policies\Explorer: [NoSetActiveDesktop] 0
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-984307550-3928441585-2128114710-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...B_PVER}&ar=home
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://downloads.yah...xplorer/welcome
HKU\S-1-5-21-984307550-3928441585-2128114710-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-984307550-3928441585-2128114710-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-984307550-3928441585-2128114710-1000 -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = http://search.yahoo....ing}&fr=hp-pvdt
SearchScopes: HKU\S-1-5-21-984307550-3928441585-2128114710-1000 -> {6CD9BBE3-DD01-49C6-BE7D-9AC27CA79035} URL = http://www.amazon.co...de=ur2&ie=UTF-8
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Toolbar: HKLM - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-984307550-3928441585-2128114710-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-984307550-3928441585-2128114710-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
ShellExecuteHooks:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
Winsock: Catalog5 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Chosen072\AppData\Roaming\Mozilla\Firefox\Profiles\hf9gv40m.default
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @bittorrent.com/BitTorrentDNA -> C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nielsen/FirefoxTracker -> C:\Program Files\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\npfirefoxtracker.dll (Nielsen)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\.DEFAULT: @tools.google.com/Google Update;version=3 -> C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\.DEFAULT: @tools.google.com/Google Update;version=9 -> C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-984307550-3928441585-2128114710-1000: @bittorrent.com/BitTorrentDNA -> C:\Users\Chosen072\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF Plugin HKU\S-1-5-21-984307550-3928441585-2128114710-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Chosen072\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKU\S-1-5-21-984307550-3928441585-2128114710-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Chosen072\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-984307550-3928441585-2128114710-1000: @talk.google.com/O1DPlugin -> C:\Users\Chosen072\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-984307550-3928441585-2128114710-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Chosen072\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-984307550-3928441585-2128114710-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Chosen072\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\browser\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Chosen072\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Chosen072\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009-03-22]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-09]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2014-03-05]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\[email protected]
FF Extension: Nielsen NetSight - C:\Program Files\NetRatingsNetSight\NetSight\meter2\FirefoxAddOns\[email protected] [2015-02-21]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: No Name - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009-12-09]
FF HKU\S-1-5-19\...\Firefox\Extensions: [{57E72829-C158-4341-BBED-58F0AD1740FD}] - C:\Program Files\Google\Google Photos Screensaver\FF_ext
FF HKU\S-1-5-20\...\Firefox\Extensions: [{57E72829-C158-4341-BBED-58F0AD1740FD}] - C:\Program Files\Google\Google Photos Screensaver\FF_ext
FF HKU\S-1-5-21-984307550-3928441585-2128114710-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF HKU\S-1-5-21-984307550-3928441585-2128114710-1000\...\Firefox\Extensions: [{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}] - C:\Users\Chosen072\Program Files\DNA
FF Extension: DNA - C:\Users\Chosen072\Program Files\DNA [2008-10-26]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKU\S-1-5-21-984307550-3928441585-2128114710-1000\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\CHOSEN~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-09]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-02-15] (Adobe Systems) [File not signed]
R2 EpsonCustomerParticipation; C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [539744 2012-05-10] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2010-09-17] (Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe [3735552 2010-09-17] (Firebird Project) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2010-06-01] (Macrovision Europe Ltd.) [File not signed]
R2 FlipShare Service; C:\Program Files\Flip Video\FlipShare\FlipShareService.exe [460144 2010-12-15] ()
R2 FlipShareServer; C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe [1085440 2010-12-15] () [File not signed]
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2008-03-25] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [135168 2008-03-25] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2008-07-18] (Hewlett-Packard) [File not signed]
R2 NielsenUpdate; C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe [2934496 2015-01-16] (The Nielsen Company)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-07-18] (Hewlett-Packard) [File not signed]
R2 QPCapSvc; C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [271760 2007-12-19] ()
R2 QPSched; C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [112016 2007-12-19] ()
S3 RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [880640 2007-02-12] (Sonic Solutions) [File not signed]
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 atapi; C:\Windows\System32\Drivers\tsk_atapi.sys [19944 2009-12-16] () [File not signed]
S3 GTUHSBUS; C:\Windows\System32\DRIVERS\gtuhsbus.sys [67840 2009-07-16] (Option N.V.)
S3 GTUHSNDISIPXP; C:\Windows\System32\DRIVERS\gtuhs51.sys [107776 2009-07-16] (Option N.V.)
S3 GTUHSSER; C:\Windows\System32\DRIVERS\gtuhsser.sys [8064 2009-07-16] (Option N.V.)
S3 HdAudAddService; C:\Windows\System32\drivers\CHDART.sys [160768 2007-04-11] (Conexant Systems Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)
R1 nnfwdk; C:\Program Files\NetRatingsNetSight\NetSight\meter2\nnfwdk.sys [23264 2015-01-16] (The Nielsen Company)
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
S3 swmsflt; C:\Windows\System32\drivers\swmsflt.sys [26760 2008-08-22] ()
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [41984 2010-09-28] (Apple, Inc.) [File not signed]
S3 VX1000; C:\Windows\System32\DRIVERS\VX1000.sys [1956096 2009-06-26] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S3 catchme; \??\C:\Users\CHOSEN~1\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-21 16:31 - 2015-02-21 16:31 - 00024902 _____ () C:\Users\Chosen072\Desktop\FRST.txt
2015-02-20 21:13 - 2015-02-20 21:42 - 00000000 ____D () C:\ComboFix
2015-02-20 10:19 - 2015-02-20 22:05 - 00000000 ____D () C:\Users\Chosen072\Desktop\Virus Log
2015-02-20 09:28 - 2015-02-20 09:28 - 00000000 _____ () C:\extensions.sqlite
2015-02-20 04:08 - 2015-02-21 16:31 - 00000000 ____D () C:\FRST
2015-02-20 04:05 - 2015-02-20 04:05 - 01126400 _____ (Farbar) C:\Users\Chosen072\Desktop\FRST.exe
2015-02-19 17:10 - 2015-02-19 17:10 - 01388274 _____ (Thisisu) C:\Users\Chosen072\Desktop\JRT.exe
2015-02-19 16:34 - 2015-02-19 17:04 - 00000000 ____D () C:\AdwCleaner
2015-02-19 16:32 - 2015-02-19 16:32 - 02126848 _____ () C:\Users\Chosen072\Desktop\AdwCleaner.exe
2015-02-18 22:02 - 2015-02-18 22:03 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Chosen072\Desktop\tdsskiller.exe
2015-02-18 17:20 - 2011-06-26 01:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-18 17:20 - 2010-11-07 12:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-18 17:20 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-18 17:20 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-18 17:20 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-18 17:20 - 2000-08-30 19:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-18 17:20 - 2000-08-30 19:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-18 17:20 - 2000-08-30 19:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-18 17:06 - 2015-02-18 17:07 - 05198336 _____ (AVAST Software) C:\Users\Chosen072\Desktop\aswMBR.exe
2015-02-18 17:05 - 2015-02-18 17:05 - 05611903 ____R (Swearware) C:\Users\Chosen072\Desktop\ComboFix.exe
2015-02-18 14:57 - 2015-02-18 14:58 - 00000000 ____D () C:\Users\Chosen072\Desktop\Images
2015-02-17 16:20 - 2015-02-20 22:06 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-17 16:19 - 2015-02-17 16:19 - 00000861 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-17 16:19 - 2015-02-17 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-17 16:19 - 2015-02-17 16:19 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-02-17 16:19 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-17 16:19 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-17 16:03 - 2015-02-17 16:03 - 00000000 ____D () C:\ProgramData\Unchecky
2015-02-17 13:54 - 2015-02-17 13:54 - 00000000 ____D () C:\Users\Chosen072\Documents\2015 Tax Return
2015-02-17 10:49 - 2015-01-22 22:00 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-17 10:49 - 2015-01-22 21:51 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-16 17:00 - 2015-02-20 09:36 - 00022177 _____ () C:\Windows\setupact.log
2015-02-16 17:00 - 2015-02-16 17:00 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-13 12:34 - 2014-11-25 21:05 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-13 12:33 - 2015-01-08 19:20 - 02063360 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-13 12:31 - 2015-01-12 20:39 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-13 12:19 - 2015-01-14 23:13 - 00440760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-13 12:12 - 2014-12-07 20:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-12 09:21 - 2015-01-13 20:51 - 12371456 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-12 09:21 - 2015-01-13 20:49 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-02-12 09:21 - 2015-01-13 20:43 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-12 09:21 - 2015-01-13 20:42 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-12 09:21 - 2015-01-13 20:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-12 09:21 - 2015-01-13 20:41 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-12 09:21 - 2015-01-13 20:41 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-12 09:21 - 2015-01-13 20:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-12 09:21 - 2015-01-13 20:40 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-12 09:21 - 2015-01-13 20:40 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-12 09:21 - 2015-01-13 20:40 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-12 09:21 - 2015-01-13 20:40 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-12 09:21 - 2015-01-13 20:40 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-12 09:21 - 2015-01-13 20:40 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-02-12 09:21 - 2015-01-13 20:40 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-02-12 09:21 - 2015-01-13 20:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-02-12 09:20 - 2015-01-13 20:46 - 09742336 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-12 09:20 - 2015-01-13 20:41 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-12 09:20 - 2015-01-13 20:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-02-12 09:20 - 2015-01-13 20:41 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-09 11:31 - 2015-02-09 11:31 - 02842624 _____ () C:\Users\Chosen072\Downloads\SmartApp.msi
2015-01-27 11:55 - 2015-01-27 11:57 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-26 17:31 - 2015-01-26 17:31 - 00000662 _____ () C:\Users\Chosen072\Desktop\health care info.txt
2015-01-22 12:36 - 2015-01-22 12:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_nnfwdk_01009.Wdf
2015-01-22 12:28 - 2015-01-22 12:31 - 00000934 _____ () C:\nsinst.log
2015-01-22 12:28 - 2015-01-22 12:28 - 00000000 ____D () C:\Program Files\NetRatingsNetSight
2015-01-22 12:27 - 2015-01-22 12:27 - 02790608 _____ (The Nielsen Company) C:\Users\Chosen072\Downloads\netsight_setup_6.2.0.15_MP_Production_mid60576379915_p.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-21 16:29 - 2014-07-12 05:06 - 00000217 _____ () C:\Windows\TWAIN.LOG
2015-02-21 16:29 - 2013-08-09 21:15 - 00000005 _____ () C:\Windows\Twain001.Mtx
2015-02-21 16:29 - 2013-02-09 07:33 - 00000000 ___RD () C:\Users\Chosen072\Google Drive
2015-02-21 16:28 - 2013-08-09 21:15 - 00000156 _____ () C:\Windows\Twunk001.MTX
2015-02-21 16:28 - 2009-02-16 04:35 - 00178663 _____ () C:\ProgramData\nvModes.001
2015-02-21 16:27 - 2009-02-16 04:35 - 00178663 _____ () C:\ProgramData\nvModes.dat
2015-02-21 16:26 - 2007-08-04 22:04 - 00000000 ____D () C:\Windows\SMINST
2015-02-21 16:24 - 2006-11-02 08:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-21 16:24 - 2006-11-02 07:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-21 16:24 - 2006-11-02 07:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-21 16:22 - 2013-02-14 18:09 - 01801473 _____ () C:\Windows\WindowsUpdate.log
2015-02-21 16:22 - 2010-08-31 14:06 - 00000012 _____ () C:\Windows\bthservsdp.dat
2015-02-21 16:22 - 2006-11-02 08:01 - 00032596 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-21 16:14 - 2010-06-01 08:20 - 00000000 ____D () C:\Program Files\Bonjour
2015-02-21 16:12 - 2013-02-08 10:50 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-21 16:07 - 2006-11-02 05:33 - 00762866 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-21 16:05 - 2014-02-07 23:00 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job
2015-02-21 06:49 - 2012-12-29 12:21 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-21 06:44 - 2014-11-16 13:32 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-984307550-3928441585-2128114710-1000UA.job
2015-02-21 05:30 - 2012-07-18 09:18 - 00000000 ____D () C:\Users\Chosen072\AppData\Local\Firestorm
2015-02-21 03:55 - 2014-08-16 03:39 - 00023722 _____ () C:\Windows\PFRO.log
2015-02-21 03:37 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-02-21 03:26 - 2010-03-06 22:54 - 00000021 _____ () C:\Users\Public\Documents\hpqp.txt
2015-02-20 23:05 - 2014-02-07 23:00 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job
2015-02-20 21:38 - 2006-11-02 05:23 - 00000215 _____ () C:\Windows\system.ini
2015-02-20 21:12 - 2012-02-20 07:41 - 00002229 _____ () C:\Windows\epplauncher.mif
2015-02-20 15:51 - 2012-04-09 10:22 - 00000872 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-984307550-3928441585-2128114710-1000Core.job
2015-02-20 12:36 - 2008-01-30 02:47 - 00000000 ____D () C:\Users\Chosen072
2015-02-20 10:58 - 2014-05-30 18:14 - 00000338 _____ () C:\Windows\Tasks\HPCeeScheduleForChosen072.job
2015-02-19 16:57 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\rescache
2015-02-19 16:42 - 2010-03-15 06:48 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2015-02-19 13:49 - 2008-01-30 22:34 - 00000000 ____D () C:\Users\Chosen072\AppData\Local\Adobe
2015-02-18 21:59 - 2012-05-14 14:26 - 00000512 _____ () C:\Users\Chosen072\Desktop\MBR.dat
2015-02-18 17:20 - 2012-05-15 05:34 - 00000000 ____D () C:\Qoobox
2015-02-17 16:19 - 2009-08-14 11:47 - 00000000 ____D () C:\Users\Chosen072\AppData\Roaming\Malwarebytes
2015-02-17 16:19 - 2009-08-14 11:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-16 17:30 - 2006-11-02 07:47 - 01822992 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-16 15:43 - 2014-11-19 10:32 - 00000000 ____D () C:\Users\Chosen072\Documents\Mom's Inc
2015-02-13 13:22 - 2013-08-08 22:08 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-13 12:35 - 2010-05-17 02:16 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-13 12:34 - 2007-08-04 21:30 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-13 12:19 - 2012-05-15 18:35 - 00001788 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-13 12:17 - 2012-05-15 18:35 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-09 11:48 - 2008-03-16 14:05 - 00000680 _____ () C:\Users\Chosen072\AppData\Local\d3d9caps.dat
2015-02-05 03:07 - 2013-02-08 10:50 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-04 15:49 - 2012-04-12 07:11 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-04 15:49 - 2012-02-21 08:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-02-02 13:11 - 2008-06-13 09:19 - 00000000 ____D () C:\Users\Chosen072\AppData\Roaming\Mozilla
2015-01-29 14:36 - 2013-02-09 07:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-01-28 14:24 - 2013-03-23 08:27 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service

==================== Files in the root of some directories =======

2008-08-12 07:11 - 2009-07-07 13:21 - 0870128 _____ () C:\Users\Chosen072\AppData\Roaming\mcs.rma
2008-01-30 11:03 - 2009-02-15 18:04 - 0027715 _____ () C:\Users\Chosen072\AppData\Roaming\nvModes.001
2008-01-30 07:14 - 2008-10-09 16:24 - 0027715 _____ () C:\Users\Chosen072\AppData\Roaming\nvModes.dat
2009-07-26 11:36 - 2009-10-04 18:29 - 0007887 _____ () C:\Users\Chosen072\AppData\Roaming\pcouffin.cat
2009-07-26 11:36 - 2009-10-04 18:29 - 0001144 _____ () C:\Users\Chosen072\AppData\Roaming\pcouffin.inf
2009-07-26 11:38 - 2009-10-04 18:29 - 0000033 _____ () C:\Users\Chosen072\AppData\Roaming\pcouffin.log
2009-07-26 11:36 - 2009-10-04 18:29 - 0047360 _____ (VSO Software) C:\Users\Chosen072\AppData\Roaming\pcouffin.sys
2009-12-10 16:13 - 2009-12-10 16:29 - 0000035 _____ () C:\Users\Chosen072\AppData\Roaming\SetValue.bat
2008-01-30 06:14 - 2008-02-25 13:51 - 0031007 _____ () C:\Users\Chosen072\AppData\Roaming\UserTile.png
2009-10-04 06:28 - 2009-10-04 06:28 - 63073179 _____ (F.A.S ®                                                     ) C:\Users\Chosen072\AppData\Roaming\Virtual_DJ_Setup.exe
2008-01-31 05:02 - 2012-04-11 16:06 - 0003770 _____ () C:\Users\Chosen072\AppData\Roaming\wklnhst.dat
2008-01-30 02:58 - 2008-01-30 02:58 - 0000000 _____ () C:\Users\Chosen072\AppData\Local\AtStart.txt
2008-03-16 14:05 - 2015-02-09 11:48 - 0000680 _____ () C:\Users\Chosen072\AppData\Local\d3d9caps.dat
2008-01-30 11:21 - 2015-01-13 17:26 - 0109056 _____ () C:\Users\Chosen072\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-01-30 02:58 - 2008-01-30 02:58 - 0000000 _____ () C:\Users\Chosen072\AppData\Local\DSwitch.txt
2008-01-30 02:58 - 2008-01-30 02:58 - 0000000 _____ () C:\Users\Chosen072\AppData\Local\QSwitch.txt
2008-03-04 11:30 - 2008-03-04 11:30 - 0000000 _____ () C:\Users\Chosen072\AppData\Local\rx_image.Cache
2013-08-28 05:04 - 2013-09-06 18:28 - 0000072 _____ () C:\Users\Chosen072\AppData\Local\slurlproxy.csv
2009-09-09 18:06 - 2009-09-09 18:06 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2007-08-04 21:43 - 2010-08-23 15:29 - 0009322 _____ () C:\ProgramData\hpzinstall.log
2008-04-09 20:37 - 2008-04-09 20:47 - 0014958 _____ () C:\ProgramData\LUUnInstall.LiveUpdate
2009-02-16 04:35 - 2015-02-21 16:28 - 0178663 _____ () C:\ProgramData\nvModes.001
2009-02-16 04:35 - 2015-02-21 16:27 - 0178663 _____ () C:\ProgramData\nvModes.dat

Some zero byte size files/folders:
==========================
C:\Windows\System32\tcpmon.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-21 16:32

==================== End Of Log ============================




#26
RKinner

    Malware Expert

  • Expert
  • 20,016 posts
  • MVP

The winsock reset doesn't appear to be working.  It should have removed the Bonjour and fixed the other one.

 

Please download MiniToolbox (http://www.bleepingc...oad/minitoolbox), save it to your desktop and run it.
 
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer Errors
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run from.

Note: When using the "Reset FF Proxy Settings" option, Firefox should be closed.


    #27
    chosen072

      Member

    • Topic Starter
    • Member
    • PipPip
    • 88 posts

    The page says not found

    Is there somewhere else I can dl this tool?



    #28
    RKinner

      Malware Expert

    • Expert
    • 20,016 posts
    • MVP

    I think the link lost the / at the end.  It should be:

     

    http://www.bleepingc...ad/minitoolbox/



    #29
    chosen072

      Member

    • Topic Starter
    • Member
    • PipPip
    • 88 posts

    Toolbox Log below

     

    MiniToolBox by Farbar  Version: 30-11-2014
    Ran by Chosen072 (administrator) on 22-02-2015 at 01:26:36
    Running from "C:\Users\Chosen072\Desktop"
    Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86)
    Boot Mode: Normal
    ***************************************************************************

    ========================= Flush DNS: ===================================

    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    ========================= IE Proxy Settings: ==============================

    Proxy is not enabled.
    No Proxy Server is set.

    "Reset IE Proxy Settings": IE Proxy Settings were reset.

    ========================= FF Proxy Settings: ==============================

    "network.proxy.no_proxies_on", "*.local"
    "network.proxy.type", 0

    "Reset FF Proxy Settings": Firefox Proxy settings were reset.

    ========================= Hosts content: =================================

    127.0.0.1       localhost

    ========================= IP Configuration: ================================

    Broadcom 802.11b/g WLAN = Wireless Network Connection (Connected)
    NVIDIA nForce 10/100 Mbps Ethernet  = Local Area Connection (Media disconnected)


    # ----------------------------------
    # IPv4 Configuration
    # ----------------------------------
    pushd interface ipv4

    reset
    set global


    popd
    # End of IPv4 configuration



    Windows IP Configuration

       Host Name . . . . . . . . . . . . : Robins-LT
       Primary Dns Suffix  . . . . . . . :
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : home

    Wireless LAN adapter Wireless Network Connection:

       Connection-specific DNS Suffix  . : home
       Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN
       Physical Address. . . . . . . . . : 00-1A-73-90-EE-45
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::14cf:f4cf:a240:ed98%9(Preferred)
       IPv4 Address. . . . . . . . . . . : 192.168.1.6(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : Saturday, February 21, 2015 9:52:44 PM
       Lease Expires . . . . . . . . . . : Saturday, February 28, 2015 9:52:44 PM
       Default Gateway . . . . . . . . . : 192.168.1.1
       DHCP Server . . . . . . . . . . . : 192.168.1.1
       DHCPv6 IAID . . . . . . . . . . . : 184556147
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0E-6F-D7-D3-00-1B-24-91-09-87
       DNS Servers . . . . . . . . . . . : 192.168.1.1
       NetBIOS over Tcpip. . . . . . . . : Enabled

    Ethernet adapter Local Area Connection:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : home
       Description . . . . . . . . . . . : NVIDIA nForce 10/100 Mbps Ethernet
       Physical Address. . . . . . . . . : 00-1B-24-91-09-87
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 6:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : home
       Description . . . . . . . . . . . : isatap.home
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 7:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : isatap.{8C77DCEE-1FB5-4633-8DEF-A02C55F1F52B}
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 16:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
       Physical Address. . . . . . . . . : 02-00-54-55-4E-01
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:45f:3df4:3f57:fef9(Preferred)
       Link-local IPv6 Address . . . . . : fe80::45f:3df4:3f57:fef9%20(Preferred)
       Default Gateway . . . . . . . . . : ::
       NetBIOS over Tcpip. . . . . . . . : Disabled

    Tunnel adapter Local Area Connection* 10:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 15:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
    Server:  verizon.home
    Address:  192.168.1.1

    Name:    google.com
    Addresses:  2607:f8b0:4006:80a::1000
          216.58.219.206



    Pinging google.com [216.58.219.206] with 32 bytes of data:

    Reply from 216.58.219.206: bytes=32 time=45ms TTL=57

    Reply from 216.58.219.206: bytes=32 time=47ms TTL=57



    Ping statistics for 216.58.219.206:

        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

    Approximate round trip times in milli-seconds:

        Minimum = 45ms, Maximum = 47ms, Average = 46ms

    Server:  verizon.home
    Address:  192.168.1.1

    Name:    yahoo.com
    Addresses:  98.138.253.109
          98.139.183.24
          206.190.36.45



    Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

    Reply from 98.139.183.24: bytes=32 time=48ms TTL=53

    Reply from 98.139.183.24: bytes=32 time=48ms TTL=53



    Ping statistics for 98.139.183.24:

        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

    Approximate round trip times in milli-seconds:

        Minimum = 48ms, Maximum = 48ms, Average = 48ms



    Pinging 127.0.0.1 with 32 bytes of data:

    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



    Ping statistics for 127.0.0.1:

        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

    Approximate round trip times in milli-seconds:

        Minimum = 0ms, Maximum = 0ms, Average = 0ms

    ===========================================================================
    Interface List
      9 ...00 1a 73 90 ee 45 ...... Broadcom 802.11b/g WLAN
      8 ...00 1b 24 91 09 87 ...... NVIDIA nForce 10/100 Mbps Ethernet
      1 ........................... Software Loopback Interface 1
     21 ...00 00 00 00 00 00 00 e0  isatap.home
     15 ...00 00 00 00 00 00 00 e0  isatap.{8C77DCEE-1FB5-4633-8DEF-A02C55F1F52B}
     20 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
     10 ...00 00 00 00 00 00 00 e0  Microsoft ISATAP Adapter #2
     11 ...00 00 00 00 00 00 00 e0  Microsoft ISATAP Adapter #3
    ===========================================================================

    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination        Netmask          Gateway       Interface  Metric
              0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.6     25
            127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
            127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
      127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
          192.168.1.0    255.255.255.0         On-link       192.168.1.6    281
          192.168.1.6  255.255.255.255         On-link       192.168.1.6    281
        192.168.1.255  255.255.255.255         On-link       192.168.1.6    281
            224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
            224.0.0.0        240.0.0.0         On-link       192.168.1.6    281
      255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      255.255.255.255  255.255.255.255         On-link       192.168.1.6    281
    ===========================================================================
    Persistent Routes:
      None

    IPv6 Route Table
    ===========================================================================
    Active Routes:
     If Metric Network Destination      Gateway
     20     18 ::/0                     On-link
      1    306 ::1/128                  On-link
     20     18 2001::/32                On-link
     20    266 2001:0:9d38:6ab8:45f:3df4:3f57:fef9/128
                                        On-link
      9    281 fe80::/64                On-link
     20    266 fe80::/64                On-link
     20    266 fe80::45f:3df4:3f57:fef9/128
                                        On-link
      9    281 fe80::14cf:f4cf:a240:ed98/128
                                        On-link
      1    306 ff00::/8                 On-link
     20    266 ff00::/8                 On-link
      9    281 ff00::/8                 On-link
    ===========================================================================
    Persistent Routes:
      None
    ========================= Winsock entries =====================================

    Catalog5 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

    Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
    Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
    Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
    Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
    Catalog5 07 C:\Windows\system32\wshbth.dll [34304] (Microsoft Corporation)
    Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
    Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
    Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

    ========================= Event log errors: ===============================

    Application errors:
    ==================
    Error: (02/21/2015 09:59:01 PM) (Source: Windows Search Service) (User: )
    Description: The entry <C:\USERS\CHOSEN072\APPDATA\LOCAL\GOOGLE\DRIVE\USER_DEFAULT\SYNC_CONFIG.DB-WAL> in the hash map cannot be updated.

    Context:  Application, SystemIndex Catalog


    Details:
        A device attached to the system is not functioning.   (0x8007001f)

    Error: (02/21/2015 04:30:23 PM) (Source: Windows Search Service) (User: )
    Description: The entry <C:\USERS\CHOSEN072\APPDATA\LOCAL\GOOGLE\DRIVE\USER_DEFAULT\SYNC_CONFIG.DB-WAL> in the hash map cannot be updated.

    Context:  Application, SystemIndex Catalog


    Details:
        A device attached to the system is not functioning.   (0x8007001f)

    Error: (02/21/2015 04:08:00 PM) (Source: Windows Search Service) (User: )
    Description: The entry <C:\USERS\CHOSEN072\APPDATA\LOCAL\GOOGLE\DRIVE\USER_DEFAULT\SYNC_CONFIG.DB-WAL> in the hash map cannot be updated.

    Context:  Application, SystemIndex Catalog


    Details:
        A device attached to the system is not functioning.   (0x8007001f)

    Error: (02/21/2015 04:01:23 AM) (Source: Windows Search Service) (User: )
    Description: The entry <C:\USERS\CHOSEN072\APPDATA\LOCAL\GOOGLE\DRIVE\USER_DEFAULT\SYNC_CONFIG.DB-WAL> in the hash map cannot be updated.

    Context:  Application, SystemIndex Catalog


    Details:
        A device attached to the system is not functioning.   (0x8007001f)

    Error: (02/21/2015 03:25:50 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 1140789

    Error: (02/21/2015 03:25:50 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 1140789

    Error: (02/21/2015 03:25:50 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (02/21/2015 03:25:48 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 1139151

    Error: (02/21/2015 03:25:48 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 1139151

    Error: (02/21/2015 03:25:48 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second


    System errors:
    =============
    Error: (02/21/2015 10:03:56 PM) (Source: Service Control Manager) (User: )
    Description: ScRegSetValueExWFailureCommand%%5

    Error: (02/21/2015 10:02:46 PM) (Source: Service Control Manager) (User: )
    Description: ScRegSetValueExWStart%%5

    Error: (02/21/2015 09:54:21 PM) (Source: Service Control Manager) (User: )
    Description: cdrom

    Error: (02/21/2015 09:54:21 PM) (Source: Service Control Manager) (User: )
    Description: HP CUE DeviceDiscovery Service

    Error: (02/21/2015 09:52:57 PM) (Source: Service Control Manager) (User: )
    Description: Parallel port driver%%1058

    Error: (02/21/2015 04:26:34 PM) (Source: Service Control Manager) (User: )
    Description: cdrom

    Error: (02/21/2015 04:26:32 PM) (Source: Service Control Manager) (User: )
    Description: HP CUE DeviceDiscovery Service

    Error: (02/21/2015 04:25:09 PM) (Source: Service Control Manager) (User: )
    Description: Ricoh xD-Picture Card Driver%%1058

    Error: (02/21/2015 04:25:09 PM) (Source: Service Control Manager) (User: )
    Description: rimsptsk%%1058

    Error: (02/21/2015 04:25:09 PM) (Source: Service Control Manager) (User: )
    Description: rimmptsk%%1058


    Microsoft Office Sessions:
    =========================

    CodeIntegrity Errors:
    ===================================
      Date: 2015-02-21 16:59:11.401
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

      Date: 2015-02-21 16:59:10.434
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

      Date: 2015-02-21 16:59:09.451
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

      Date: 2015-02-21 16:59:08.469
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

      Date: 2015-02-21 16:59:07.330
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

      Date: 2015-02-21 16:59:06.378
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

      Date: 2015-02-21 16:59:05.411
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

      Date: 2015-02-21 16:59:04.444
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

      Date: 2015-02-21 16:33:20.058
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

      Date: 2015-02-21 16:33:19.091
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.



     Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
     Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
    =========================== Installed Programs ============================
    32 Bit HP CIO Components Installer (Version: 2.1.5 - Hewlett-Packard) Hidden
    ABBYY FineReader 9.0 Sprint (HKLM\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.15.58233 - ABBYY)
    ABBYY FineReader 9.0 Sprint (Version: 9.00.15.58233 - ABBYY) Hidden
    Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
    Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
    ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
    Adobe AIR (Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
    Adobe Anchor Service CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Asset Services CS3 (Version: 3 - Adobe Systems Incorporated) Hidden
    Adobe Audition 3.0 (HKLM\...\Adobe Audition 3.0) (Version: 3.0 - Adobe Systems Incorporated)
    Adobe Audition 3.0 (Version: 3.0 - Adobe Systems Incorporated) Hidden
    Adobe Bridge CS3 (Version: 2 - Adobe Systems Incorporated) Hidden
    Adobe Bridge Start Meeting (Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Camera Raw 4.0 (Version: 4.0 - Adobe Systems Incorporated) Hidden
    Adobe CMaps (Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Color - Photoshop Specific (Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Color Common Settings (HKLM\...\Adobe_6c8e2cb4fd241c55406016127a6ab2e) (Version: 1.0.1 - Adobe Systems Incorporated)
    Adobe Color Common Settings (Version: 1.0.1 - Adobe Systems Incorporated) Hidden
    Adobe Color EU Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Color JA Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Color NA Recommended Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Default Language CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Device Central CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe ExtendScript Toolkit 2 (HKLM\...\Adobe_3e054d2218e7aa282c2369d939e58ff) (Version: 2.0.2 - Adobe Systems Incorporated)
    Adobe ExtendScript Toolkit 2 (Version: 2.0.2 - Adobe Systems Incorporated) Hidden
    Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
    Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
    Adobe Fonts All (Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Help Viewer CS3 (Version: 1 - Adobe Systems Incorporated) Hidden
    Adobe Linguistics CS3 (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
    Adobe PDF Library Files (Version: 8.0 - Adobe Systems Incorporated) Hidden
    Adobe Photoshop CS3 (HKLM\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)
    Adobe Photoshop CS3 (Version: 10 - Adobe Systems Incorporated) Hidden
    Adobe Reader 8.2.5 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A82000000003}) (Version: 8.2.5 - Adobe Systems Incorporated)
    Adobe Setup (Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Stock Photos CS3 (Version: 1.5 - Adobe Systems Incorporated) Hidden
    Adobe Type Support (Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe Update Manager CS3 (Version: 5.1.0 - Adobe Systems Incorporated) Hidden
    Adobe Version Cue CS3 Client (Version: 3 - Adobe Systems Incorporated) Hidden
    Adobe WinSoft Linguistics Plugin (Version: 1.0 - Adobe Systems Incorporated) Hidden
    Adobe XMP Panels CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
    AIO_Scan (Version: 90.0.222.000 - Hewlett-Packard) Hidden
    Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.26 - Amazon Services LLC)
    Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
    Amazon Music Importer (HKLM\...\com.amazon.music.uploader) (Version: 2.1.0 - Amazon Services LLC)
    Amazon Music Importer (Version: 2.1.0 - Amazon Services LLC) Hidden
    Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
    Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Audacity 2.0.3 (HKLM\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
    BufferChm (Version: 90.0.146.000 - Hewlett-Packard) Hidden
    C4200 (Version: 90.0.222.000 - Hewlett-Packard) Hidden
    C4200_doccd (Version: 90.0.222.000 - Hewlett-Packard) Hidden
    c4200_Help (Version: 90.0.222.000 - Hewlett-Packard) Hidden
    Cards_Calendar_OrderGift_DoMorePlugout (Version: 2.03.0000 - Hewlett-Packard) Hidden
    CCleaner (HKLM\...\CCleaner) (Version: 2.36 - Piriform)
    Citrix Online Launcher (HKLM\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
    Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.36.7.61 - Conexant)
    Copy (Version: 90.0.146.000 - Hewlett-Packard) Hidden
    Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.1.3) (Version: 5.0.1.3 - Coupons.com Incorporated)
    D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
    Destination Component (Version: 090.000.091.086 - Hewlett-Packard) Hidden
    DeviceDiscovery (Version: 110.0.180.000 - Hewlett-Packard) Hidden
    DNA (HKCU\...\BitTorrent DNA) (Version: 2.2.4 (16502) - BitTorrent Inc.)
    DocProc (Version: 9.0.0.0 - Hewlett-Packard) Hidden
    DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
    EPSON Connect version 1.0 (HKLM\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
    Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION)
    Epson Event Manager (HKLM\...\{10144CFE-D76C-4CFA-81A1-37A1642349A3}) (Version: 3.01.0013 - Seiko Epson Corporation)
    Epson E-Web Print (HKLM\...\{CEC98C2A-9ED5-49DA-9F3A-92434E0A4FA3}) (Version: 1.19.0000 - SEIKO EPSON CORPORATION)
    Epson FAX Utility (HKLM\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.30.00 - SEIKO EPSON CORPORATION)
    Epson PC-FAX Driver (HKLM\...\EPSON PC-FAX Driver 2) (Version:  - )
    EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
    EPSON WF-2540 Series Printer Uninstall (HKLM\...\EPSON WF-2540 Series) (Version:  - SEIKO EPSON Corporation)
    EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
    ESU for Microsoft Vista (HKLM\...\{54F7A791-38DE-4439-AB3F-B3F7DDA89C75}) (Version: 2.0.5.1 - Hewlett-Packard)
    eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
    FileZilla Client 3.5.3 (HKLM\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project)
    Firebird 2.5.0.26074 (Win32) (HKLM\...\FBDBServer_2_5_is1) (Version: 2.5.0.26074 - Firebird Project)
    Firestorm-Release (remove only) (HKLM\...\Firestorm-Release) (Version: 4.4.2.34167 - The Phoenix Firestorm Project, Inc.)
    FlipShare (HKLM\...\{420DFB63-8AE7-F7D6-E4B4-AB6D140221F4}) (Version: 5.10.25.0 - Flip Video)
    Free Audio CD Burner version 1.4.7 (HKLM\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
    Free Studio version 2014 (HKLM\...\Free Studio_is1) (Version: 6.2.4.1230 - DVDVideoSoft Ltd.)
    Free YouTube Download version 3.1.42.1212 (HKLM\...\Free YouTube Download_is1) (Version: 3.1.42.1212 - DVDVideoSoft Ltd.)
    Free YouTube to MP3 Converter version 3.11.37.1212 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.37.1212 - DVDVideoSoft Ltd.)
    Google Drive (HKLM\...\{65EACBB4-B0B8-4A5B-AE46-22DBE15C70B5}) (Version: 1.19.8406.6504 - Google, Inc.)
    Google Talk Plugin (HKLM\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
    Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
    Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
    Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
    GoToMeeting 6.0.0.1259 (HKCU\...\GoToMeeting) (Version: 6.0.0.1259 - CitrixOnline)
    HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version:  - )
    HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
    HP Active Support Library 32 bit components (Version: 1.0.9 - Hewlett-Packard) Hidden
    HP Customer Experience Enhancements (HKLM\...\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}) (Version: 5.1.0.2278 - Hewlett-Packard)
    HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.01.0005 - Hewlett-Packard)
    HP Easy Setup - Frontend (HKLM\...\{40F7AED3-0C7D-4582-99F6-484A515C73F2}) (Version: 5.1.0.2279 - Hewlett-Packard)
    HP Help and Support (HKLM\...\{0054A0F6-00C9-4498-B821-B5C9578F433E}) (Version: 2.1.3.0 - Hewlett-Packard Company)
    HP Imaging Device Functions 9.0 (HKLM\...\HP Imaging Device Functions) (Version: 9.0 - HP)
    HP OCR Software 9.0 (HKLM\...\HPOCR) (Version: 9.0 - HP)
    HP Photosmart All-In-One Software 9.0 (HKLM\...\{B09BCBF6-87EE-4403-A336-3A9510856535}) (Version: 9.0 - HP)
    HP Photosmart Essential 2.5 (Version: 1.03.0000 - Hewlett-Packard) Hidden
    HP Photosmart Essential 3.0 (HKLM\...\HP Photosmart Essential) (Version: 3.0 - HP)
    HP Product Assistant (Version: 100.000.001.000 - Hewlett-Packard) Hidden
    HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 4.0.0011 - Hewlett-Packard Company)
    HP Quick Launch Buttons (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.14.1 - Hewlett-Packard Company)
    HP QuickPlay 3.6 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version:  - )
    HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 112.200.19110 - Hewlett-Packard)
    HP Smart Web Printing (Version: 112.200.19110 - Hewlett-Packard) Hidden
    HP Solution Center 9.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 9.0 - HP)
    HP Total Care Advisor (HKLM\...\{F6B29003-A078-4491-AFBE-62EFB6CFFE19}) (Version: 1.1.19 - Hewlett-Packard)
    HP Update (HKLM\...\{FE57DE70-95DE-4B64-9266-84DA811053DB}) (Version: 4.000.012.001 - Hewlett-Packard)
    HP User Guides 0056 (HKLM\...\{5AB56552-6938-4686-9F87-DB0ED8D1E06B}) (Version: 1.02.0000 - Hewlett-Packard)
    HP Wireless Assistant (HKLM\...\{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}) (Version: 3.00 H3 - Hewlett-Packard)
    HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
    HPNetworkAssistant (HKLM\...\{228C6B46-64E2-404E-898A-EF0830603EF4}) (Version: 1.1.70 - Hewlett-Packard.)
    HPPhotoSmartPhotobookWebPack1 (Version: 2.03.0000 - Hewlett-Packard) Hidden
    HPProductAssistant (Version: 90.0.146.000 - Hewlett-Packard) Hidden
    HPSSupply (HKLM\...\{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}) (Version: 2.2.0.0000 - Hewlett Packard Development Company L.P.)
    InstantShareDevicesMFC (Version: 90.0.146.000 - Hewlett-Packard) Hidden
    IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
    Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051F0}) (Version: 7.0.510 - Oracle)
    Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.710 - Oracle)
    Java Auto Updater (Version: 2.1.71.14 - Oracle, Inc.) Hidden
    Jing (HKLM\...\{22800204-9E53-45C7-B6F3-5BB0F1C1A147}) (Version: 2.8.13007.1 - TechSmith Corporation)
    Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    LAME v3.98.2 for Audacity (HKLM\...\LAME for Audacity_is1) (Version:  - )
    LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
    LightScribe  1.6.43.1 (Version: 1.6.43.1 - http://www.lightscribe.com) Hidden
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden
    Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
    Microsoft Corporation (Version: 9.0.30729.1 - Microsoft Corporation) Hidden
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
    Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
    Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
    Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
    Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
    Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office XP Media Content (HKLM\...\{90300409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2619.0 - Microsoft Corporation)
    Microsoft Search Enhancement Pack (Version: 3.0.133.0 - Microsoft Corporation) Hidden
    Microsoft Security Client (Version: 4.7.0205.0 - Microsoft Corporation) Hidden
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
    Mozilla Firefox 35.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
    MSCU for Microsoft Vista (HKLM\...\{F7F3B252-E772-48AA-93EB-7964BC326067}) (Version: 1.0.1.3 - Hewlett-Packard)
    MSI to redistribute MS VS2005 CRT libraries (HKLM\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
    MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
    MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    My HP Games (HKLM\...\WildTangent hplaptop Master Uninstall) (Version: HPLAP0503 - WildTangent)
    MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
    Nielsen (HKLM\...\NetSight) (Version:  - )
    Notepad++ (HKLM\...\Notepad++) (Version: 5.6.4 - )
    NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
    NVIDIA PhysX (HKLM\...\{8AAB4176-A747-493A-A42C-B63CFADFD8E3}) (Version: 9.09.0010 - NVIDIA Corporation)
    OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
    Outlook Setup Tool (HKLM\...\outlookset) (Version: 2.2.19 - Starfield Technologies)
    [email protected] (HKLM\...\{CF594DB8-CFB0-45B4-86DA-8BB4AC0941F8}) (Version: 3.0.7.0 - Valassis)
    PanoStandAlone (Version: 90.0.146.000 - Hewlett-Packard) Hidden
    PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
    Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
    PS_AIO_ProductContext (Version: 90.0.222.000 - Hewlett-Packard) Hidden
    PS_AIO_Software (Version: 90.0.222.000 - Hewlett-Packard) Hidden
    PS_AIO_Software_min (Version: 90.0.222.000 - Hewlett-Packard) Hidden
    PSSWCORE (Version: 2.03.0000 - Hewlett-Packard) Hidden
    QLBCASL (Version: 6.40.17.2 - Hewlett-Packard) Hidden
    QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
    Roxio Activation Module (Version: 1.0 - Roxio) Hidden
    Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.4.0 - Roxio)
    Roxio Creator Basic v9 (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.4.0 - Roxio)
    Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.4.0 - Roxio)
    Roxio Creator Data (HKLM\...\{0D397393-9B50-4c52-84D5-77E344289F87}) (Version: 3.4.0 - Roxio)
    Roxio Creator EasyArchive (HKLM\...\{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}) (Version: 3.4.0 - Roxio)
    Roxio Creator Tools (HKLM\...\{0394CDC8-FABD-4ed8-B104-03393876DFDF}) (Version: 3.4.0 - Roxio)
    Roxio Express Labeler 3 (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 3.2.1 - Roxio)
    Roxio MyDVD Basic v9 (HKLM\...\{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}) (Version: 9.0.551 - Roxio)
    SAM Broadcaster v4 (HKLM\...\SAM3) (Version: v4 - Spacial Audio Solutions, LLC)
    Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.)
    Samsung Kies (Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.) Hidden
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
    Scan (Version: 9.0.0.0 - Hewlett-Packard) Hidden
    Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
    Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
    Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
    SmartAudio (HKLM\...\SmartAudio) (Version:  - Conexant)
    Software Updater (HKLM\...\{6DFBE8A2-CDBF-453E-B34C-32F202FCEE4C}) (Version: 4.2.1 - SEIKO EPSON CORPORATION)
    SolutionCenter (Version: 90.0.146.000 - Hewlett-Packard) Hidden
    Spelling Dictionaries Support For Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-5464-3428-800000000003}) (Version: 8.0.0 - Adobe Systems)
    Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
    Status (Version: 110.0.180.000 - Hewlett-Packard) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
    Toolbox (Version: 90.0.146.000 - Hewlett-Packard) Hidden
    TrayApp (Version: 110.0.180.000 - Hewlett-Packard) Hidden
    Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version:  - )
    UnloadSupport (Version: 9.0.0 - Hewlett-Packard) Hidden
    Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
    Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{02206DCC-0CAF-46BB-8EDC-6C281AA21EFA}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{02206DCC-0CAF-46BB-8EDC-6C281AA21EFA}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{02206DCC-0CAF-46BB-8EDC-6C281AA21EFA}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{02206DCC-0CAF-46BB-8EDC-6C281AA21EFA}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
    Update for Microsoft Office Access 2007 Help (KB963663) (HKLM\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
    Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
    Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
    Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
    Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
    Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
    Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
    Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2956096) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BC0B6553-7271-4D52-A076-E9A4780611E8}) (Version:  - Microsoft)
    Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7B9D2746-D03B-442B-A691-90B748E316B4}) (Version:  - Microsoft)
    Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7B9D2746-D03B-442B-A691-90B748E316B4}) (Version:  - Microsoft)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
    Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
    Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
    Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
    Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
    Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
    UserTesting.com Recorder Plugin (HKCU\...\UserTestingPlugin) (Version:  - UserTesting.com)
    VideoToolkit01 (Version: 110.0.171.000 - Hewlett-Packard) Hidden
    VirtualDJ Broadcaster (HKLM\...\{7B5B18A3-9FF8-4387-91D6-D8DE78CFFE12}) (Version: 7.4 - Atomix Productions)
    VLC media player 1.0.0 (HKLM\...\VLC media player) (Version: 1.0.0 - VideoLAN Team)
    Vz In-Home Agent (HKLM\...\VzInHomeAgent) (Version: 9.0.62.0 - Verizon)
    VzDownloadManager (HKCU\...\VzDownloadManager) (Version: 2.0.0.2 - Verizon)
    WebReg (Version: 90.0.146.000 - Hewlett-Packard) Hidden
    Winamp Toolbar for Firefox (HKLM\...\Winamp Toolbar for Firefox) (Version: 5.5.1.1 - AOL LLC)
    Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
    Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
    Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
    Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
    Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
    Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
    WONswap (HKLM\...\WONswap) (Version:  - )
    Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )

    ========================= Devices: ================================

    Name: Microsoft ISATAP Adapter #7
    Description: Microsoft ISATAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver

    Name:
    Description:
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


    ========================= Memory info: ===================================

    Percentage of memory in use: 43%
    Total physical RAM: 1982.18 MB
    Available physical RAM: 1116.82 MB
    Total Pagefile: 4206.76 MB
    Available Pagefile: 3113.36 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1933.47 MB

    ========================= Partitions: =====================================

    1 Drive c: (OS) (Fixed) (Total:103.38 GB) (Free:6.4 GB) NTFS
    2 Drive d: (DATA) (Fixed) (Total:111.79 GB) (Free:11.78 GB) NTFS
    3 Drive e: (HP_RECOVERY) (Fixed) (Total:8.41 GB) (Free:1.35 GB) NTFS

    ========================= Users: ========================================

    User accounts for \\ROBINS-LT

    Administrator            Chosen072                Guest                    

    ========================= Minidump Files ==================================

    No minidump file found


    **** End of log ****
     


    • 0

    #30
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,016 posts
    • MVP

    FRST says it can fix winsock 5 entries so let's give it a try:

    If this doesn't work we may have to work on the permissions in the registry.

    Download the attached fixlist.txt to the same location as FRST.
    Run FRST and press Fix.
    A fix log will be generated; please post that.  Run FRST again, check the Additions box and then Scan.  You will get two logs.  Post them both.

    • 0





