Think I got malware (flexify.exe)



#46
RKinner


    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Did you have a CD in the drive when you booted or is the boot order still telling it to look in the CD/DVD first?  That might be why you get all of the system errors or it could be the hard drive or the cabling to the hard drive.  The fact that the short test failed but the long passed is odd.  Normally the short always passes and the long fails.  Could indicate some flakiness with the drive.  Shut it down.  Open it up and reseat the drive cables.

 

For the Application errors let's run the Windows Installer Cleanup Utility http://www.majorgeek...up_utility.html

 

See if you can find and delete HP Memories Disc or {C1C6767D-B395-43CB-BF99-051B58B86DA6} with the installer cleanup utility.

 

There is a tutorial on the same page as the download links.  (You do not need to fill out any forms.  Just wait for the download after pressing one of the links under download locations.)

 

 

 

Go back into msconfig and look under Startup and see if this item is unchecked:

 

C:\Documents and Settings\User\Start Menu\Programs\Startup\Memeo AutoBackup Launcher.lnk or  C:\WINDOWS\pss\Memeo AutoBackup Launcher.lnkStartup


  • 0



#47
Lexy610


    Member

  • Topic Starter
  • Member
  • 743 posts

Yes, I think there is a CD in the CD/DVD drive .. however I can't get it to open. It's stuck .. this has happened before and I was able to open it; unfortunately it won't open now.

 

I have no idea what you mean by "reseat the drive cables"!

 

I installed and ran the cleanup utility and deleted "HP Memories Disc or {C1C6767D-B395-43CB-BF99-051B58B86DA6}"

 

I went back to msconfig/startup and did not see it any longer .. however I did turn off a few annoying things that kept popping up when I turned on the computer .. it just made it super slow to load and I still have pop ups after the reboot.

 

The photogallery one keeps opening and it takes a long time to load and even longer if I try to shut it off!


  • 0

#48
RKinner


    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Forgot it's a laptop.  No cables.

 

On most CD drives there is a small hole.  If you unbend a paper clip and stick it in the hole you can usually get the drive to open.

 

You have two items in Startup that might be opening the photogallery:

 

Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk
ShortcutTarget: HP Photosmart Premier Fast Start.lnk -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)

 

These are shortcuts in C:\Documents and Settings\All Users\Start Menu\Programs\Startup\  You can just move the shortcuts to somewhere else to see if they are causing photogallery to open.

 

What kind of popups are you talking about?  Do we need to run adwcleaner again?


  • 0
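Post #48 picks the two HP startup shortcuts out of the FRST output by eye. As an added example (not part of the thread and not FRST's own code), the Python below parses the `Run:` and `Startup:`/`ShortcutTarget:` lines of an FRST log and lists the autostart entries that launch from a given folder. The function names and the "needs review" rule are assumptions made for illustration; the sample lines follow the log format quoted in this thread.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Sample input: lines in the format of the FRST "Registry" section quoted in this thread.
SAMPLE_LOG = r"""
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SleekBillNot] => "C:\Program Files\Sleek Bill\Sleek Bill.exe" /n
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk
ShortcutTarget: HP Photosmart Premier Fast Start.lnk -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
"""

RUN_RE = re.compile(r"^(?P<hive>HK[^:]*?)\\\.\.\.\\Run: \[(?P<name>[^\]]*)\] => (?P<rest>.*)$")
STARTUP_RE = re.compile(r"^Startup: (?P<lnk>.+)$")
TARGET_RE = re.compile(r"^ShortcutTarget: (?P<name>.+?) -> (?P<rest>.*)$")
# Trailing "[size date]" and "(publisher)" are optional; publishers containing
# parentheses are not handled and stay part of the command.
META_RE = re.compile(
    r"^(?P<cmd>.*?)(?: \[(?P<size>\d+) (?P<date>\d{4}-\d{2}-\d{2})\])?(?: \((?P<pub>[^()]*)\))?$"
)


@dataclass
class Autostart:
    source: str               # registry key, or full path of the .lnk in a Startup folder
    name: str                 # value name or shortcut file name
    command: str              # target as logged, including any arguments
    size: Optional[int]
    date: Optional[str]
    publisher: Optional[str]  # "" when the log shows "()", None when absent

    @property
    def image(self) -> str:
        """Executable path: the quoted part if the command is quoted, else the command as logged."""
        m = re.match(r'^"([^"]+)"', self.command)
        return m.group(1) if m else self.command


def _entry(source: str, name: str, rest: str) -> Autostart:
    m = META_RE.match(rest)
    size = int(m["size"]) if m["size"] else None
    return Autostart(source, name, m["cmd"], size, m["date"], m["pub"])


def parse_autostarts(log: str) -> List[Autostart]:
    """Collect Run-key values and Startup-folder shortcuts from FRST log text."""
    entries: List[Autostart] = []
    pending_lnk = None  # a "Startup:" line is completed by the "ShortcutTarget:" line after it
    for line in log.splitlines():
        line = line.strip()
        if (m := RUN_RE.match(line)):
            entries.append(_entry(m["hive"] + r"\...\Run", m["name"], m["rest"]))
        elif (m := STARTUP_RE.match(line)):
            pending_lnk = m["lnk"]
        elif (m := TARGET_RE.match(line)) and pending_lnk:
            entries.append(_entry(pending_lnk, m["name"], m["rest"]))
            pending_lnk = None
    return entries


def launched_from(entries: List[Autostart], directory: str) -> List[Autostart]:
    """Autostart entries whose executable lives under `directory` (case-insensitive)."""
    prefix = directory.rstrip("\\").lower() + "\\"
    return [e for e in entries if e.image.lower().startswith(prefix)]


def needs_review(entries: List[Autostart]) -> List[Autostart]:
    """Assumed triage rule: the log line carries neither size/date nor a publisher."""
    return [e for e in entries if e.size is None and not e.publisher]


if __name__ == "__main__":
    found = parse_autostarts(SAMPLE_LOG)
    for e in launched_from(found, r"C:\Program Files\Hewlett-Packard\Digital Imaging"):
        print("starts at logon:", e.image, "<-", e.source)
    for e in needs_review(found):
        print("check by hand:", repr(e.name), e.command)
```

The `source` field of each match is the shortcut or registry key to move or disable, which is the step post #48 describes for the two HP shortcuts.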

#49
Lexy610


    Member

  • Topic Starter
  • Member
  • 743 posts

No, I don't have a laptop .. It's a Dell desktop.

I got the CD/DVD drive open and it had the HP ENVY 5530 all-in-one printer CD in it, probably from when I was installing the printer and forgot it was in the drive.

 

Unchecked anything HP you mentioned and I also deleted it in the start-up folder ..

 

When I say pop up I am talking about the same thing the photo-imaging

 

IMG_0715.JPG

 

 

Still getting this even after all I did above


Edited by Lexy610, 24 March 2015 - 10:20 PM.

  • 0

#50
RKinner


    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Start, Run, eventvwr.msc, OK to bring up the Event Viewer.  Right click on System and Clear All Events, No (we don't want to save the old log), OK. Repeat for Application. 
 

Reboot.

 

Run FRST scan with Addition checked and post the logs.


  • 0

#51
Lexy610


    Member

  • Topic Starter
  • Member
  • 743 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by User (administrator) on LEXY on 25-03-2015 18:24:40
Running from C:\Documents and Settings\User\Desktop
Loaded Profiles: User (Available profiles: User & Administrator & Guest)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Creative Technology Ltd) C:\Program Files\Creative\Shared Files\CTAudSvc.exe
(Conexant Systems, Inc.) C:\WINDOWS\system32\PRISMSVR.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTSVCCDA.EXE
(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Nero AG) C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Conexant Systems, Inc.) C:\WINDOWS\system32\PRISMSVC.exe
() C:\WINDOWS\system32\PSIService.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CtHelper.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Memeo) C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
(Seagate) C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Seagate) C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
() C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Seagate) C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
(Creative Technology Ltd) C:\Program Files\Creative\DVDAudio\CTDVDDET.exe
(Acronis) C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Creative Technology Ltd) C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
(BVRP Software) C:\Program Files\Digital Line Detect\DLG.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
(Dell Inc.) C:\Program Files\Dell Wireless\PRISMCFG.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqimzone.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [CTHelper] => C:\WINDOWS\system32\CTHELPER.EXE [19456 2010-03-18] (Creative Technology Ltd)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-02-13] (Apple Inc.)
HKLM\...\Run: [UserFaultCheck] => %systemroot%\system32\dumprep 0 -u
HKLM\...\Run: [Standby] => c:\Program Files\Common Files\Corel\Standby\Standby.exe [105632 2010-01-07] (Corel)
HKLM\...\Run: [SleekBillNot] => "C:\Program Files\Sleek Bill\Sleek Bill.exe" /n
HKLM\...\Run: [SigmatelSysTrayApp] => C:\WINDOWS\stsystra.exe [339968 2005-03-22] (SigmaTel, Inc.)
HKLM\...\Run: [Seagate Scheduler2 Service] => C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe [136472 2008-06-24] (Seagate)
HKLM\...\Run: [NeroCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [ehTray] => C:\WINDOWS\ehome\ehtray.exe [64512 2005-08-05] (Microsoft Corporation)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM\...\Run: [DiscWizardMonitor.exe] => C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe [1325848 2008-06-24] (Seagate)
HKLM\...\Run: [CTxfiHlp] => C:\WINDOWS\system32\CTXFIHLP.EXE [19968 2007-04-09] (Creative Technology Ltd)
HKLM\...\Run: [CTSVolFE] => "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
HKLM\...\Run: [CTDVDDET] => C:\Program Files\Creative\DVDAudio\CTDVDDET.EXE [45056 2003-06-18] (Creative Technology Ltd)
HKLM\...\Run: [ATIPTA] => C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [344064 2006-02-09] (ATI Technologies, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AcronisTimounterMonitor] => C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe [904768 2008-06-24] (Acronis)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
Winlogon\Notify\PRISMAPI.DLL: C:\WINDOWS\system32\PRISMAPI.DLL (Conexant Systems, Inc.)
HKU\S-1-5-21-606747145-117609710-839522115-1003\...\Run: [DellSystemDetect] => C:\Documents and Settings\User\Local Settings\Apps\2.0\GLODYH45.LZJ\9PTZC5LD.W03\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe [254976 2014-05-16] (Dell)
HKU\S-1-5-21-606747145-117609710-839522115-1003\...\Run: [BlackBerryLink.exe] => "C:\Program Files\Research In Motion\BlackBerry Link\BlackBerryLink.exe" /minimize
HKU\S-1-5-21-606747145-117609710-839522115-1003\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
HKU\S-1-5-21-606747145-117609710-839522115-1003\...\Run: [OutfoxTV] => C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
HKU\S-1-5-21-606747145-117609710-839522115-1003\...\Run: [DriverMax_RESTART] => "C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe" -RESTART
HKU\S-1-5-21-606747145-117609710-839522115-1003\...\Run: [DriverMax] => "C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe" -agent
HKU\S-1-5-21-606747145-117609710-839522115-1003\...\Run: [CTZDetec.exe] => C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
HKU\S-1-5-21-606747145-117609710-839522115-1003\...\Run: [Creative Detector] => C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe [102400 2004-12-02] (Creative Technology Ltd)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Development Company, L.P.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk
ShortcutTarget: HP Photosmart Premier Fast Start.lnk -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless USB 2.0 WLAN Card Utility.lnk
ShortcutTarget: Wireless USB 2.0 WLAN Card Utility.lnk -> C:\Program Files\Dell Wireless\PRISMCFG.exe (Dell Inc.)
Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\Monitor Ink Alerts - HP ENVY 5530 series.lnk
ShortcutTarget: Monitor Ink Alerts - HP ENVY 5530 series.lnk -> C:\Program Files\HP\HP ENVY 5530 series\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...er/fix_homepage
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...er/fix_homepage
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-606747145-117609710-839522115-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-606747145-117609710-839522115-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.optimum.net
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-18] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-06] (AVAST Software)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files\Evernote\Evernote\EvernoteIE.dll [2014-11-19] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-18] (Oracle Corporation)
DPF: {000F1EA4-5E08-4564-A29B-29076F63A37A} http://launch.soe.co...ebInstaller.cab
DPF: {04063354-A10E-4427-A1EC-F3CC81587BC6} http://www.worldwinn...mines/mines.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} http://www.worldwinn...GamesLoader.cab
DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} http://www.pandasecu...s/as2stubie.cab
DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} http://www-cdn.freer...ller.cab?v=1044
DPF: {41D1977F-4161-4720-800F-EA4903983A38} http://www.worldwinn...gsaw/jigsaw.cab
DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} http://www.worldwinn...d/bejeweled.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creat...102/CTSUEng.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1229566731421
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab
DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} http://www.worldwinn...v57/wof/wof.cab
DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} http://www.worldwinn...apit/swapit.cab
DPF: {B06CE1BC-5D9D-4676-BD28-1752DBF394E0} http://www.worldwinn...man/hangman.cab
DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} http://www.worldwinn...ty/tilecity.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB
DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} http://www.worldwinn...h/dinerdash.cab
DPF: {C93C1C34-CEA9-49B1-9046-040F59E0E0D8} http://www.worldwinn...paint/paint.cab
DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} http://www.worldwinn.../familyfeud.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creat...015/CTSUEng.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...30321/CTPID.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll [2003-10-23] (Hewlett-Packard Company)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\pt96kby9.default-1369614150234
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-23] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Content Uploader\npUpload.dll [2008-02-20] (DivX,Inc.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-18] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @soe.sony.com/installer,version=1.0.3 -> C:\WINDOWS\Downloaded Program Files\CONFLICT.2\npsoe.dll [2010-09-30] ()
FF Plugin: @videolan.org/vlc,version=2.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-07-19] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-606747145-117609710-839522115-1003: @facebook.com/FBPlugin,version=1.0.3 -> C:\Documents and Settings\User\Application Data\Facebook\npfbplugin_1_0_3.dll [2010-06-09] ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-10-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-10-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-10-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-10-24] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-10-24] (Apple Inc.)
FF Extension: Diccionario de Español/España - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\pt96kby9.default-1369614150234\Extensions\[email protected] [2014-06-13]
FF Extension: Diccionario en Español para Venezuela - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\pt96kby9.default-1369614150234\Extensions\[email protected] [2013-06-28]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-06]
FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-05]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-06]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [120088 2013-10-10] (SUPERAntiSpyware.com)
R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-07-16] (Adobe Systems) [File not signed]
R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [602112 2010-02-11] (ATI Technologies Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-06] (AVAST Software)
S4 Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-07-06] (Creative Labs) [File not signed]
S3 Creative Labs Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe [69632 2014-06-12] (Creative Labs) [File not signed]
R2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
R2 CTAudSvcService; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-08-04] (Nero AG)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PRISMSVC; C:\WINDOWS\system32\PRISMSVC.EXE [61529 2006-10-12] (Conexant Systems, Inc.) [File not signed]
R2 ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [177704 2007-06-05] ()
R2 SeagateDashboardService; C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [14088 2011-06-01] (Memeo)
R2 SgtSch2Svc; C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe [431384 2008-06-24] (Seagate)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [20747 2006-10-26] (Meetinghouse Data Communications) [File not signed]
R1 AFS2K; C:\WINDOWS\system32\Drivers\AFS2K.sys [35840 2004-10-07] (Oak Technology Inc.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-12-06] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2014-12-06] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2014-12-06] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-12-06] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2014-12-06] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2014-12-06] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2014-12-06] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2014-12-06] ()
R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [3565056 2010-02-11] (ATI Technologies Inc.) [File not signed]
R1 BANTExt; C:\WINDOWS\System32\Drivers\BANTExt.sys [3840 2013-09-10] () [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S0 cercsr6; C:\WINDOWS\system32\Drivers\cercsr6.sys [39904 2004-12-13] (Adaptec, Inc.) [File not signed]
S3 COMMONFX; C:\WINDOWS\System32\drivers\COMMONFX.SYS [99416 2010-03-18] (Creative Technology Ltd)
R3 COMMONFX.SYS; C:\WINDOWS\System32\drivers\COMMONFX.SYS [99416 2010-03-18] (Creative Technology Ltd)
S3 CT20XUT.DLL; C:\WINDOWS\System32\CT20XUT.DLL [164608 2007-04-12] (Creative Technology Ltd.) [File not signed]
S3 CTAUDFX; C:\WINDOWS\System32\drivers\CTAUDFX.SYS [555096 2010-03-18] (Creative Technology Ltd)
R3 CTAUDFX.SYS; C:\WINDOWS\System32\drivers\CTAUDFX.SYS [555096 2010-03-18] (Creative Technology Ltd)
S3 ctdvda2k; C:\WINDOWS\System32\drivers\ctdvda2k.sys [347144 2010-03-18] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\WINDOWS\System32\CTEAPSFX.DLL [168192 2007-04-12] (Creative Technology Ltd) [File not signed]
S3 CTEDSPFX.DLL; C:\WINDOWS\System32\CTEDSPFX.DLL [280320 2007-04-12] (Creative Technology Ltd) [File not signed]
S3 CTEDSPIO.DLL; C:\WINDOWS\System32\CTEDSPIO.DLL [128768 2007-04-12] (Creative Technology Ltd) [File not signed]
S3 CTEDSPSY.DLL; C:\WINDOWS\System32\CTEDSPSY.DLL [323328 2007-04-12] (Creative Technology Ltd) [File not signed]
S3 CTERFXFX; C:\WINDOWS\System32\drivers\CTERFXFX.SYS [100952 2010-03-18] (Creative Technology Ltd)
S3 CTERFXFX.SYS; C:\WINDOWS\System32\drivers\CTERFXFX.SYS [100952 2010-03-18] (Creative Technology Ltd)
S3 CTEXFIFX.DLL; C:\WINDOWS\System32\CTEXFIFX.DLL [1317632 2007-04-12] (Creative Technology Ltd.) [File not signed]
S3 CTHWIUT.DLL; C:\WINDOWS\System32\CTHWIUT.DLL [66816 2007-04-12] (Creative Technology Ltd.) [File not signed]
S3 CTSBLFX; C:\WINDOWS\System32\drivers\CTSBLFX.SYS [566360 2010-03-18] (Creative Technology Ltd)
R3 CTSBLFX.SYS; C:\WINDOWS\System32\drivers\CTSBLFX.SYS [566360 2010-03-18] (Creative Technology Ltd)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrv.sys [22312 2009-02-12] (EldoS Corporation)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [798808 2010-03-18] (Creative Technology Ltd)
R3 hap16v2k; C:\WINDOWS\System32\drivers\hap16v2k.sys [162904 2010-03-18] (Creative Technology Ltd)
S3 hap17v2k; C:\WINDOWS\System32\drivers\hap17v2k.sys [189528 2010-03-18] (Creative Technology Ltd)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49664 2006-04-12] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2006-04-12] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2006-04-12] (HP)
R3 IntelC51; C:\WINDOWS\System32\DRIVERS\IntelC51.sys [1339776 2005-05-06] (Intel Corporation)
R3 IntelC52; C:\WINDOWS\System32\DRIVERS\IntelC52.sys [618880 2006-03-02] (Intel Corporation)
R3 IntelC53; C:\WINDOWS\System32\DRIVERS\IntelC53.sys [47360 2005-05-06] (Intel Corporation)
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
R3 mohfilt; C:\WINDOWS\System32\DRIVERS\mohfilt.sys [36880 2005-05-06] (Intel Corporation)
R0 MxEFUF; C:\WINDOWS\System32\DRIVERS\MxEFUF32.sys [102728 2010-11-04] (Matrox Graphics Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\DRIVERS\netaapl.sys [18432 2011-05-10] (Apple Inc.) [File not signed]
S3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [18856 2007-08-31] (Microsoft Corporation)
S3 qcserxp; C:\WINDOWS\System32\DRIVERS\qcserxp.sys [103424 2009-01-24] (QUALCOMM Incorporated)
S3 RimUsb; C:\WINDOWS\System32\Drivers\RimUsb.sys [68096 2013-12-02] (BlackBerry Limited)
S3 rimvndis; C:\WINDOWS\System32\Drivers\rimvndis.sys [12800 2014-06-23] (Research in Motion Limited)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
S3 SQTECH905C; C:\WINDOWS\System32\Drivers\Capt905c.sys [37760 2007-05-18] (Service & Quality Technology.) [File not signed]
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1047816 2005-11-16] (SigmaTel, Inc.)
R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
R0 tdrpman; C:\WINDOWS\System32\DRIVERS\tdrpman.sys [368480 2012-07-21] (Acronis)
R2 tifsfilter; C:\WINDOWS\System32\DRIVERS\tifsfilt.sys [44384 2012-07-21] (Acronis)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-24 16:24 - 2015-03-24 16:24 - 00000215 _____ () C:\Documents and Settings\User\Desktop\g2g.txt
2015-03-24 16:19 - 2015-03-24 16:19 - 00001879 _____ () C:\Documents and Settings\User\Desktop\HP Digital Imaging Monitor.lnk
2015-03-23 23:24 - 2015-03-23 23:50 - 00002325 _____ () C:\Documents and Settings\User\Start Menu\Programs\Windows Install Clean Up.lnk
2015-03-23 23:24 - 2015-03-23 23:24 - 00000000 ____D () C:\Program Files\Windows Installer Clean Up
2015-03-23 23:12 - 2015-03-23 23:12 - 00359656 _____ (Microsoft Corporation) C:\Documents and Settings\User\Desktop\msicuu2.exe
2015-03-22 18:00 - 2015-03-22 18:00 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-18 17:21 - 2015-03-18 17:25 - 00000000 ____D () C:\Program Files\SeaTools Enterprise
2015-03-18 17:21 - 2015-03-18 17:24 - 00001714 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\SeaTools Enterprise.lnk
2015-03-18 17:21 - 2015-03-18 17:21 - 00000000 _____ () C:\WINDOWS\PROTOCOL.INI
2015-03-18 17:21 - 2001-10-31 15:52 - 00000478 _____ () C:\WINDOWS\system32\Seatools.reg
2015-03-18 17:20 - 1996-11-05 17:13 - 00299008 _____ (InstallShield Corporation, Inc.) C:\WINDOWS\uninst.exe
2015-03-18 17:19 - 2015-03-18 17:19 - 00000000 ____D () C:\Documents and Settings\User\WINDOWS
2015-03-18 17:18 - 2015-03-18 17:18 - 03015948 _____ () C:\Documents and Settings\User\Desktop\seatools_enterprise_install.exe
2015-03-18 02:07 - 2015-03-18 02:07 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-03-18 02:07 - 2015-03-18 02:06 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2015-03-18 02:07 - 2015-03-18 02:06 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2015-03-18 02:06 - 2015-03-18 02:07 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Oracle
2015-03-18 02:06 - 2015-03-18 02:06 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2015-03-18 02:02 - 2015-03-18 02:02 - 00561064 _____ (Oracle Corporation) C:\Documents and Settings\User\Desktop\jxpiinstall.exe
2015-03-17 17:49 - 2015-03-17 17:49 - 00001038 _____ () C:\Documents and Settings\All Users\Desktop\SeaTools for Windows.lnk
2015-03-17 17:48 - 2015-03-17 17:48 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
2015-03-17 17:47 - 2015-03-17 17:47 - 26771088 _____ () C:\Documents and Settings\User\Desktop\SeaToolsforWindowsSetup.exe
2015-03-17 17:43 - 2015-03-18 22:57 - 00002967 _____ () C:\VEW.txt
2015-03-17 17:40 - 2015-03-17 17:40 - 00061440 _____ ( ) C:\Documents and Settings\User\Desktop\VEW.exe
2015-03-17 04:32 - 2015-03-17 04:32 - 00524288 _____ () C:\Documents and Settings\User\Desktop\application.evt
2015-03-17 04:32 - 2015-03-17 04:32 - 00065536 _____ () C:\Documents and Settings\User\Desktop\system.evt
2015-03-17 04:10 - 2015-03-17 04:10 - 00080528 _____ () C:\Documents and Settings\User\Desktop\Extras.Txt
2015-03-17 04:09 - 2015-03-17 04:09 - 00203276 _____ () C:\Documents and Settings\User\Desktop\OTL.Txt
2015-03-17 03:19 - 2015-03-18 02:20 - 00044616 _____ () C:\Documents and Settings\User\Desktop\Addition.txt
2015-03-17 03:17 - 2015-03-17 03:17 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\User\Desktop\OTL.exe
2015-03-17 01:09 - 2015-03-17 01:09 - 00000988 _____ () C:\Documents and Settings\User\Desktop\JRT.txt
2015-03-17 00:30 - 2015-03-17 00:45 - 00000000 ____D () C:\AdwCleaner
2015-03-17 00:29 - 2015-03-17 00:29 - 01388737 _____ (Thisisu) C:\Documents and Settings\User\Desktop\JRT.exe
2015-03-17 00:25 - 2015-03-17 00:25 - 02171392 _____ () C:\Documents and Settings\User\Desktop\AdwCleaner.exe
2015-03-16 18:46 - 2015-03-16 18:48 - 00064895 _____ () C:\Documents and Settings\User\Desktop\LEXY.txt
2015-03-10 16:19 - 2015-03-10 16:19 - 00001542 _____ () C:\Documents and Settings\All Users\Desktop\iTunes.lnk
2015-03-10 16:19 - 2015-03-10 16:19 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2015-03-10 16:17 - 2015-03-10 16:19 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-03-10 16:17 - 2015-03-10 16:17 - 00000000 ____D () C:\Program Files\iPod

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-25 18:26 - 2013-11-05 12:11 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-03-25 18:25 - 2014-05-14 00:06 - 00029632 _____ () C:\Documents and Settings\User\Desktop\FRST.txt
2015-03-25 18:25 - 2007-12-20 12:44 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Temp
2015-03-25 18:24 - 2014-05-08 10:09 - 00000000 ____D () C:\FRST
2015-03-25 18:22 - 2008-12-31 05:06 - 01373237 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-25 18:21 - 2013-12-02 23:10 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\HTC MediaHub
2015-03-25 18:21 - 2007-12-30 19:38 - 00000157 _____ () C:\WINDOWS\wiadebug.log
2015-03-25 18:21 - 2007-12-30 19:38 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-03-25 18:21 - 2007-12-20 12:33 - 00000000 ____D () C:\WINDOWS\Registration
2015-03-25 18:20 - 2007-12-20 12:43 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-25 18:19 - 2014-12-12 03:46 - 02900256 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2015-03-25 18:19 - 2014-07-06 02:33 - 04935328 _____ () C:\WINDOWS\{00000005-00000000-00000002-00001102-00000004-20061102}.BAK
2015-03-25 18:19 - 2014-07-06 02:32 - 04935328 _____ () C:\WINDOWS\{00000005-00000000-00000002-00001102-00000004-20061102}.CDF
2015-03-25 18:19 - 2007-12-20 12:44 - 00000278 ___SH () C:\Documents and Settings\User\ntuser.ini
2015-03-25 18:19 - 2007-12-20 12:43 - 00032372 _____ () C:\WINDOWS\SchedLgU.Txt
2015-03-25 17:55 - 2012-08-22 11:12 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-25 00:19 - 2014-05-14 00:59 - 00000000 ____D () C:\Documents and Settings\User\Desktop\Email Attachments
2015-03-24 20:00 - 2012-03-17 00:57 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\DivX
2015-03-24 20:00 - 2008-03-20 16:11 - 00000000 ____D () C:\Program Files\DivX
2015-03-24 19:59 - 2012-03-17 00:59 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2015-03-24 19:59 - 2008-03-20 16:11 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\DivX
2015-03-24 16:22 - 2008-02-11 01:00 - 00007680 __SHC () C:\WINDOWS\Thumbs.db
2015-03-24 16:18 - 2007-12-20 07:26 - 00000325 __RSH () C:\boot.ini
2015-03-24 16:18 - 2004-08-10 07:00 - 00000859 _____ () C:\WINDOWS\win.ini
2015-03-24 16:18 - 2004-08-10 07:00 - 00000227 _____ () C:\WINDOWS\system.ini
2015-03-23 23:46 - 2012-03-17 01:20 - 00000000 ____D () C:\Documents and Settings\User\Tracing
2015-03-23 23:39 - 2009-11-30 00:47 - 00000000 ____D () C:\Program Files\MSECache
2015-03-23 23:37 - 2012-07-22 17:58 - 00778928 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-03-23 23:37 - 2012-03-15 14:47 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-03-23 23:36 - 2014-09-04 20:39 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Adobe
2015-03-23 23:29 - 2012-07-22 16:52 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-23 22:50 - 2014-09-15 01:44 - 00000000 ____D () C:\Documents and Settings\User\My Documents\SSL Salesian Papers
2015-03-21 17:52 - 2004-08-10 07:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-03-18 02:05 - 2008-03-01 15:54 - 00000000 ____D () C:\Program Files\Java
2015-03-18 02:01 - 2012-03-17 00:42 - 00000000 ____D () C:\Program Files\FileHippo.com
2015-03-18 02:01 - 2007-12-29 22:57 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2015-03-18 02:00 - 2008-02-18 21:00 - 00004129 ____C () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
2015-03-18 01:57 - 2008-02-18 21:22 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\HP
2015-03-17 18:25 - 2008-01-08 21:50 - 00000000 ____D () C:\WINDOWS\pss
2015-03-17 17:48 - 2012-07-21 23:30 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Seagate
2015-03-17 17:48 - 2012-06-29 20:54 - 00000000 ____D () C:\Program Files\Seagate
2015-03-17 16:26 - 2014-05-14 19:36 - 00672473 _____ () C:\WINDOWS\setupapi.log
2015-03-17 00:43 - 2014-05-13 20:57 - 01135104 _____ (Farbar) C:\Documents and Settings\User\Desktop\FRST.exe
2015-03-13 01:51 - 2008-01-09 00:21 - 00374294 __SHC () C:\Documents and Settings\User\Desktop\Thumbs.db
2015-03-13 01:38 - 2007-12-26 22:39 - 03100672 ___SH () C:\Documents and Settings\User\My Documents\Thumbs.db
2015-03-11 02:38 - 2014-06-29 15:49 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-11 00:57 - 2007-12-20 12:44 - 00001599 _____ () C:\Documents and Settings\User\Start Menu\Programs\Remote Assistance.lnk
2015-03-10 23:04 - 2008-01-02 09:32 - 00001599 ____C () C:\Documents and Settings\Guest\Start Menu\Programs\Remote Assistance.lnk
2015-03-10 23:03 - 2007-12-20 12:36 - 00001599 ____C () C:\Documents and Settings\Default User\Start Menu\Programs\Remote Assistance.lnk
2015-03-10 23:03 - 2007-12-20 12:36 - 00001563 _____ () C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
2015-03-10 23:03 - 2007-12-20 12:36 - 00001507 _____ () C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk
2015-03-10 22:44 - 2009-01-04 16:31 - 00001599 ____C () C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk
2015-03-10 22:22 - 2013-08-14 02:08 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-10 21:59 - 2007-12-20 15:07 - 119837696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-10 16:19 - 2010-09-04 16:49 - 00000000 ____D () C:\Program Files\iTunes
2015-03-10 16:17 - 2007-12-22 18:42 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-03-08 15:04 - 2007-12-20 07:28 - 00621030 ____C () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-08 15:00 - 2014-05-17 01:18 - 00000214 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2015-03-02 21:00 - 2009-07-23 13:30 - 00152800 ____C () C:\Documents and Settings\User\Application Data\GDIPFONTCACHEV1.DAT

==================== Files in the root of some directories =======

2011-03-02 11:21 - 2011-03-02 11:21 - 0002528 ____C () C:\Documents and Settings\User\Application Data\$_hpcst$.hpc
2010-09-14 18:13 - 2010-12-04 01:20 - 0000965 ____C () C:\Documents and Settings\User\Application Data\BBMS_EXCEPTION.txt
2014-12-12 02:12 - 2014-12-12 02:47 - 0000077 _____ () C:\Documents and Settings\User\Application Data\Rim.Desktop.Exception.log
2014-12-12 02:10 - 2014-12-12 03:19 - 0001925 _____ () C:\Documents and Settings\User\Application Data\Rim.Desktop.HttpServerSetup.log
2014-12-12 02:12 - 2014-12-12 02:47 - 0000077 _____ () C:\Documents and Settings\User\Application Data\Rim.DesktopHelper.Exception.log
2011-08-18 13:08 - 2011-08-18 13:08 - 0206473 ____C () C:\Documents and Settings\User\Local Settings\Application Data\ars.cache
2011-08-18 13:09 - 2011-08-18 13:09 - 0223067 ____C () C:\Documents and Settings\User\Local Settings\Application Data\census.cache
2007-12-22 22:58 - 2014-12-26 23:56 - 0203776 ____C () C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2007-12-20 12:47 - 2007-12-20 12:47 - 0000127 ____C () C:\Documents and Settings\User\Local Settings\Application Data\fusioncache.dat
2011-02-01 10:46 - 2011-02-01 10:46 - 0000036 ____C () C:\Documents and Settings\User\Local Settings\Application Data\housecall.guid.cache
2007-07-13 14:36 - 2007-07-13 14:36 - 0220184 ____C ( ) C:\Documents and Settings\User\Local Settings\Application Data\Interop.Microsoft.Office.Core.dll
2014-07-14 16:59 - 2014-07-14 17:06 - 0000191 _____ () C:\Documents and Settings\User\Local Settings\Application Data\rbxcsettings.rbx
2005-12-13 17:12 - 2005-12-13 17:12 - 0016384 ____C (Microsoft Corporation) C:\Documents and Settings\User\Local Settings\Application Data\stdole.dll

Some content of TEMP:
====================
C:\Documents and Settings\User\Local Settings\Temp\comsvcs.dll
C:\Documents and Settings\User\Local Settings\Temp\DivXSetup.exe
C:\Documents and Settings\User\Local Settings\Temp\hpzmsi01.exe
C:\Documents and Settings\User\Local Settings\Temp\hpzscr01.exe
C:\Documents and Settings\User\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\User\Local Settings\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================


#52
Lexy610

    Member

  • Topic Starter
  • Member
  • 743 posts

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by User at 2015-03-25 18:26:47
Running from C:\Documents and Settings\User\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials (Disabled - Up to date) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

20/20 v2.2 (HKLM\...\20/20 v2.2) (Version:  - )
6300 (Version: 71.0.215.000 - Hewlett-Packard) Hidden
6300_Help (Version: 71.0.215.000 - Hewlett-Packard) Hidden
6300Trb (Version: 71.0.215.000 - Hewlett-Packard) Hidden
7-Zip 9.22beta (HKLM\...\7-Zip) (Version:  - )
Adobe Connect 9 Add-in (HKU\S-1-5-21-606747145-117609710-839522115-1003\...\Adobe Connect 9 Add-in) (Version: 11,9,971,247 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Ahead Nero Burning ROM (HKLM\...\Nero - Burning Rom!UninstallKey) (Version:  - )
Ahead NeroMediaPlayer (HKLM\...\NMPUninstallKey) (Version:  - )
AiO_Scan_CDA (Version: 71.0.215.000 - Hewlett-Packard) Hidden
AiOSoftwareNPI (Version: 71.0.215.000 - Hewlett-Packard) Hidden
Alien Skin Eye Candy 5 Impact (HKLM\...\EyeCandy5Impact) (Version:  - )
Alien Skin Eye Candy 5 Nature (HKLM\...\EyeCandy5Nature) (Version:  - )
Alien Skin Eye Candy 5 Textures (HKLM\...\EyeCandy5Textures) (Version:  - )
AMD Catalyst Install Manager (HKLM\...\{D58AFD19-6736-A938-154A-EABEA741D2CC}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1014 - )
ATI Control Panel (HKLM\...\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}) (Version: 6.14.10.5183 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.23-060209a1-030546C-Dell - )
Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.2.1.0 - Auslogics Labs Pty Ltd)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)
Belarc Advisor 8.4 (HKLM\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CleanUp! (HKLM\...\CleanUp!) (Version:  - )
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Contents (Version: 1.6.1.109 - Corel Corporation) Hidden
Corel Paint Shop Pro Photo X2 (HKLM\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.010.0000 - Corel Corporation)
Corel PaintShop Photo Pro X3 (HKLM\...\_{D1AEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.109 - Corel Corporation)
Corel PaintShop Photo Pro X3 (Version: 1.00.0000 - Corel Corporation) Hidden
CP_CalendarTemplates1 (Version: 70.0.170.000 - Hewlett-Packard) Hidden
cp_OnlineProjectsConfig (Version: 70.0.170.000 - Hewlett-Packard) Hidden
CP_Package_Basic1 (Version: 70.0.170.000 - Hewlett-Packard) Hidden
CP_Panorama1Config (Version: 70.0.170.000 - Hewlett-Packard) Hidden
cp_PosterPrintConfig (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Creative Audio Console (HKLM\...\AudioCS) (Version: 1.33 - Creative Technology Limited)
Creative MediaSource (HKLM\...\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}) (Version: 3.00 - )
Creative MediaSource 5 (HKLM\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited)
Creative MediaSource DVD-Audio Player (HKLM\...\Creative MediaSource DVD-Audio Player) (Version:  - )
Creative Software AutoUpdate (HKLM\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative WaveStudio 7 (HKLM\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)
Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version:  - Microsoft Corporation)
CueTour (Version: 70.0.170.000 - Hewlett-Packard) Hidden
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DB CIF Cam (HKLM\...\{83d96ed0-98aa-4515-8ddc-816f3efdd104}) (Version: 1.0 - My Company Name)
Dell Driver Download Manager (HKU\S-1-5-21-606747145-117609710-839522115-1003\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Dell Resource CD (HKLM\...\{FCD9CD52-7222-4672-94A0-A722BA702FD0}) (Version: 1.00.0000 - Dell Inc.)
Dell System Detect (HKU\S-1-5-21-606747145-117609710-839522115-1003\...\9204f5692a8faf3b) (Version: 5.7.0.6 - Dell)
Destinations (Version: 70.0.170.000 - Hewlett-Packard) Hidden
DeviceIO (Version: 1.6.1.109 - Corel Corporation) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.10 - BVRP Software, Inc)
DivX Content Uploader (HKLM\...\{D050D7362D214723AD585B541FFB6C11}) (Version: 1.2.1 - DivX, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 6.6.0 - DivX, Inc.)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
DocProc (Version: 7.0.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version:  - Lars Hederer)
ESPNMotion (HKLM\...\ESPNMotion) (Version: 2.1.6.0011 - ESPN Internet Ventures)
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Evernote v. 5.7.2 (HKLM\...\{FB57263E-706F-11E4-A65F-00163E98E7D6}) (Version: 5.7.2.5753 - Evernote Corp.)
Eye Candy 4000 (HKLM\...\Eye Candy 4000) (Version:  - )
Facebook Plug-In (HKU\S-1-5-21-606747145-117609710-839522115-1003\...\Facebook Plug-In) (Version:  - Facebook, Inc.)
Fax_CDA (Version: 71.0.215.000 - Hewlett-Packard) Hidden
FileZilla Client 3.7.3 (HKLM\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
FullDPAppQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
GemMaster Mystic (HKLM\...\12133444-BF36-4d4e-B7FB-A3424C645DE4) (Version:  - )
High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HijackThis 2.0.2 (HKLM\...\HijackThis) (Version: 2.0.2 - TrendMicro)
HP Customer Participation Program 7.0 (HKLM\...\HPExtendedCapabilities) (Version: 7.0 - HP)
hp deskjet 5100 (HKLM\...\{15C165F1-1DAE-4476-AFB6-8723729B41E7}) (Version: 1.03.0000 - Hewlett-Packard)
HP ENVY 5530 series Basic Device Software (HKLM\...\{5EBC9F1B-F969-4CF9-A616-F6BDDD46042B}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP ENVY 5530 series Help (HKLM\...\{97EAE055-1BE8-4775-8101-453E9715EC3F}) (Version: 30.0.0 - Hewlett Packard)
HP Imaging Device Functions 7.0 (HKLM\...\HP Imaging Device Functions) (Version: 7.0 - HP)
HP Photo and Imaging 2.0 - Deskjet Series (HKLM\...\{E0828692-FD9D-459F-9312-C645C3CA6650}) (Version: 2.00.0000 - {&Tahoma8}Hewlett-Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart Premier Software 6.5 (HKLM\...\HP Photo & Imaging) (Version: 6.5 - HP)
HP Photosmart, Officejet and Deskjet 7.0.A (HKLM\...\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}) (Version:  - HP)
hp print screen utility (HKLM\...\hp print screen utility) (Version:  - )
HP Solution Center 7.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 7.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0001 - Microsoft) Hidden
HPPhotoSmartExpress (Version: 70.0.170.000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 70.0.170.000 - Hewlett-Packard) Hidden
HTC BMP USB Driver (HKLM\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.14.0.001 - HTC Corporation)
HTC Sync Manager (HKLM\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.37.2 - HTC)
ICA (Version: 1.6.1.109 - Corel Corporation) Hidden
IncrediMail (Version: 6.3.9.5274 - IncrediMail) Hidden
IncrediMail 2.0 (HKLM\...\IncrediMail) (Version: 6.3.9.5274 - IncrediMail Ltd.)
IncrediMail Data Manager (HKLM\...\IncrediMail Data Manager) (Version: 1.15 - Silent Wings Software)
InstantShareAlert (Version: 1.00.0000 - HP) Hidden
InstantShareDevices (Version: 70.0.170.000 - Hewlett-Packard) Hidden
InstantShareDevicesMFC (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Intel® 537EP V9x DF PCI Modem (HKLM\...\Intel® 537EP V9x DF PCI Modem) (Version:  - )
Intel® PRO Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
Intel® Viiv™ (HKLM\...\{903CE8F7-6C7B-41E6-A1CF-3BF1176264EC}) (Version: 1.0.1.2012 - Intel Corporation)
iPhone Configuration Utility (HKLM\...\{FA54AFB1-5745-4389-B8C1-9F7509672ED1}) (Version: 2.1.0.163 - Apple Inc.)
IPM_PSP_Pro (Version: 1.00.0000 - Corel Corporation) Hidden
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
iTunes (HKLM\...\{3A9FE6B1-EE7F-40AC-B831-AC7C9ABB58A0}) (Version: 12.1.1.4 - Apple Inc.)
Jasc Animation Shop 3 (HKLM\...\{7C4196CA-CA41-4F34-9C08-7724E7705D52}) (Version: 3.11 - Jasc Software Inc)
Jasc Paint Shop Pro 9 (HKLM\...\{F843C6A3-224D-4615-94F8-3C461BD9AEA0}) (Version: 9.00.0000 - Jasc Software Inc)
Java 8 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Kai's Power Tools 5 (HKLM\...\Kai's Power Tools 5) (Version:  - )
Kies mini (HKLM\...\InstallShield_{EE43894E-FDCF-4A8C-BCD6-3AAA9A48B486}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Kies mini (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
KPT 6 (HKLM\...\KPT 6) (Version:  - )
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Memeo AutoBackup (HKU\S-1-5-21-606747145-117609710-839522115-1003\...\InstallShield_{6BCEB97B-F315-455D-BC2D-565A1A6781E8}) (Version: 2.50.1938 - Memeo)
Memeo AutoBackup (Version: 2.50.1938 - Memeo) Hidden
Memeo AutoSync (HKLM\...\{75B7F766-7998-44d8-A202-F1EC76A121BA}) (Version:  - Memeo Inc.)
Microsoft .NET Framework 1.0 Hotfix (KB2572066) (HKLM\...\KB2572066) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM\...\KB2604042) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM\...\KB2656378) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB953295) (HKLM\...\KB953295) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM\...\KB979904) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2698035) (HKLM\...\KB2698035) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2833951) (HKLM\...\KB2833951) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Drivers Download Utility 3.4.4 (HKLM\...\{8570C6C9-4FD4-4306-8B57-D31A622E3E03}_is1) (Version: 3.4.4 - LionSea Software)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
MLE (Version: 1.0.0.23 - Corel Corporation) Hidden
MobileMe Control Panel (HKLM\...\{5A9AA2C0-972F-4239-AA41-E409434194D5}) (Version: 3.1.8.0 - Apple Inc.)
Modem Helper (HKLM\...\{7F142D56-3326-11D5-B229-002078017FBF}) (Version: 2.40 - BVRP Software)
Modem On Hold (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 1.12 - BVRP Software, Inc)
Mozilla Firefox 37.0 (x86 en-US) (HKLM\...\Mozilla Firefox 37.0 (x86 en-US)) (Version: 37.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSN (HKLM\...\MSNINST) (Version:  - )
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
NewCopy_CDA (Version: 71.0.215.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S 7.0 (HKLM\...\HPOCR) (Version: 7.0 - HP)
Otto (HKLM\...\B3EE3001-DC24-4cd1-8743-5692C716659F) (Version:  - )
PanoStandAlone (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Photo Notifier and Animation Creator (HKLM\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
PhotoGallery (Version: 70.0.170.000 - Hewlett-Packard) Hidden
PhotoMail Maker (HKLM\...\PhotoMail) (Version: 6.0.0.1007 - IncrediMail Ltd.)
PhotoMail Maker (Version: 6.0.0.1007 - IncrediMail) Hidden
ProductContextNPI (Version: 71.0.215.000 - Hewlett-Packard) Hidden
PSPH10Pro (Version: 1.00.0000 - Corel Corporation) Hidden
PSPPContent (Version: 1.00.0000 - Corel Corporation) Hidden
PSPPRO_DCRAW (Version: 13.0.0 - Corel Corporation) Hidden
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RandMap (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Readme (Version: 71.0.215.000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5377 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Scan (Version: 7.0.0.0 - Hewlett-Packard) Hidden
ScannerCopy (Version: 7.0.0.0 - Hewlett-Packard) Hidden
Seagate Dashboard (HKLM\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1421 - Memeo Inc.)
Seagate DiscWizard (HKLM\...\{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}) (Version: 11.0.8142 - Seagate)
SeaTools Enterprise (HKLM\...\SeaTools Enterprise) (Version:  - )
SeaTools for Windows (HKLM\...\SeaTools for Windows) (Version:  - Seagate Technology)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Setup (Version: 1.6.1.109 - Corel Corporation) Hidden
Share (Version: 1.6.1.109 - Corel Corporation) Hidden
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.4600.0 - SigmaTel)
SkinsHP1 (Version: 70.0.170.000 - Hewlett-Packard) Hidden
SlideShow (Version: 70.0.170.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Sonic Encoders (HKLM\...\{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
Sonic_PrimoSDK (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Sound Blaster Audigy ADVANCED MB Demo (HKLM\...\CTMBDemo) (Version:  - )
Sound Blaster for Media Center (HKLM\...\Sound Blaster for Media Center) (Version:  - )
Splat! 1.0 (HKLM\...\Splat) (Version:  - )
SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Status (Version: 70.0.170.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1026 - SUPERAntiSpyware.com)
SweetIM Toolbar for Internet Explorer 3.2 (HKLM\...\{83FA27D5-25B5-4D24-B796-DF742F08A5CF}) (Version: 3.2.0002 - SweetIM Technologies Ltd.) <==== ATTENTION
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Toolbox (Version: 70.0.170.000 - Hewlett-Packard) Hidden
TrayApp (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Unload (Version: 7.0.0 - Hewlett-Packard) Hidden
Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM\...\KB900325) (Version:  - Microsoft Corporation)
USB 2.0 Wireless LAN Card Utility (HKLM\...\{A3BC5D37-30F9-4CF7-BD5C-0DFF063E4B6D}) (Version: 8.1.55 - Dell Inc.)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VIO (Version: 1.6.1.109 - Corel Corporation) Hidden
virtualPhotographer 1.5.6 (HKLM\...\virtualPhotographer_is1) (Version:  - optikVerve Labs)
VLC media player 2.0.3 (HKLM\...\VLC media player) (Version: 2.0.3 - VideoLAN)
Vz In-Home Agent (HKLM\...\VzInHomeAgent) (Version: 9.0.59.0 - Verizon)
WD Diagnostics (HKLM\...\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}) (Version: 1.09.0002 - Western Digital Technologies)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (Version: 70.0.170.000 - Hewlett-Packard) Hidden
WhoCrashed 5.02 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version:  - )
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows PowerShell™ 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2502898 (HKLM\...\KB2502898) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2619340 (HKLM\...\KB2619340) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2628259 (HKLM\...\KB2628259) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB925766 (HKLM\...\KB925766) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (HKLM\...\KB973768) (Version:  - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WinPatrol (HKLM\...\{84481A87-2316-4923-8FAB-3BA8CA29323D}) (Version: 29.2.2013 - BillP Studios)
WinRAR 5.00 beta 8 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.8 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Smilebox\MP4Splitter.ax (Gabest)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Smilebox\MP4Splitter.ax (Gabest)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{6AC7C19E-8CA0-4E3D-9A9F-2881DE29E0AC}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Smilebox\CoreAAC.ax No File
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{919AB5F1-1C34-47a2-9C02-17128222C7CF}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Smilebox\MP3Encoder.dll No File
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{C98FE784-B96E-41e1-8399-1337AE3E539F}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Facebook\npfbplugin_1_0_3.dll ( )
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{D3D9D58B-45B5-48AB-B199-B8C40560AEC7}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Smilebox\MP4Splitter.ax (Gabest)
CustomCLSID: HKU\S-1-5-21-606747145-117609710-839522115-1003_Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}\InprocServer32 -> C:\Documents and Settings\User\Application Data\Smilebox\MP4Splitter.ax (Gabest)

==================== Restore Points  =========================

27-12-2014 16:27:13 System Checkpoint
28-12-2014 16:43:41 System Checkpoint
29-12-2014 20:32:14 System Checkpoint
30-12-2014 21:06:35 System Checkpoint
01-01-2015 15:11:49 System Checkpoint
02-01-2015 18:29:54 System Checkpoint
04-01-2015 16:43:45 System Checkpoint
05-01-2015 16:44:24 System Checkpoint
07-01-2015 02:04:15 System Checkpoint
08-01-2015 05:29:35 System Checkpoint
09-01-2015 11:54:24 System Checkpoint
10-01-2015 17:46:12 System Checkpoint
12-01-2015 00:23:53 System Checkpoint
13-01-2015 01:18:56 System Checkpoint
13-01-2015 18:05:21 Software Distribution Service 3.0
14-01-2015 21:52:13 System Checkpoint
15-01-2015 22:44:24 System Checkpoint
16-01-2015 23:33:22 System Checkpoint
18-01-2015 00:24:52 System Checkpoint
19-01-2015 01:07:06 System Checkpoint
20-01-2015 01:28:30 System Checkpoint
21-01-2015 01:53:36 System Checkpoint
22-01-2015 01:59:15 System Checkpoint
25-01-2015 15:12:43 System Checkpoint
26-01-2015 19:27:59 System Checkpoint
27-01-2015 19:49:29 System Checkpoint
28-01-2015 19:55:43 System Checkpoint
29-01-2015 21:11:05 System Checkpoint
30-01-2015 21:35:59 System Checkpoint
01-02-2015 15:58:34 System Checkpoint
02-02-2015 20:53:42 System Checkpoint
03-02-2015 22:25:27 System Checkpoint
04-02-2015 22:29:26 System Checkpoint
07-02-2015 22:12:49 System Checkpoint
09-02-2015 17:48:07 System Checkpoint
10-02-2015 19:19:50 System Checkpoint
11-02-2015 05:16:40 Software Distribution Service 3.0
12-02-2015 18:58:41 System Checkpoint
16-02-2015 21:34:35 Installed HP Support Solutions Framework
16-02-2015 21:39:45 Removed HPSU306Stub
16-02-2015 21:59:33 Installed HP Product Assistant
21-02-2015 00:15:16 System Checkpoint
23-02-2015 22:45:29 System Checkpoint
26-02-2015 18:45:08 System Checkpoint
27-02-2015 20:02:49 System Checkpoint
02-03-2015 21:37:17 System Checkpoint
04-03-2015 18:31:52 System Checkpoint
05-03-2015 18:36:06 System Checkpoint
06-03-2015 20:20:38 System Checkpoint
07-03-2015 21:03:55 System Checkpoint
09-03-2015 01:17:07 System Checkpoint
10-03-2015 10:57:46 System Checkpoint
10-03-2015 21:57:31 Software Distribution Service 3.0
11-03-2015 22:02:11 System Checkpoint
12-03-2015 22:32:18 System Checkpoint
14-03-2015 15:55:58 System Checkpoint
16-03-2015 22:35:58 System Checkpoint
17-03-2015 03:29:10 OTL Restore Point - 3/17/2015 3:29:04 AM
17-03-2015 17:48:57 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
18-03-2015 01:50:40 Removed Java 7 Update 45
18-03-2015 02:01:47 Removed HP Support Solutions Framework
19-03-2015 21:43:47 System Checkpoint
21-03-2015 18:44:17 System Checkpoint
22-03-2015 19:10:36 System Checkpoint
23-03-2015 23:18:33 Installed Windows Installer Clean Up
23-03-2015 23:19:54 Removed Windows Installer Clean Up
23-03-2015 23:24:55 Installed Windows Installer Clean Up
25-03-2015 00:58:16 System Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2004-08-10 07:00 - 2013-10-21 18:39 - 00000027 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe

==================== Loaded Modules (whitelisted) ==============

2015-03-25 15:32 - 2015-03-25 15:32 - 02923008 _____ () C:\Program Files\AVAST Software\Avast\defs\15032501\algo.dll
2013-08-07 15:25 - 2013-08-07 15:25 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2004-08-10 07:00 - 2011-02-04 18:48 - 00291840 _____ () C:\WINDOWS\system32\sbe.dll
2004-08-10 07:00 - 2013-01-02 02:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2004-08-10 07:00 - 2008-04-13 20:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2004-08-10 07:00 - 2008-04-13 20:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2014-08-06 13:40 - 2014-08-06 13:40 - 00031080 _____ () C:\Program Files\HTC\HTC Sync Manager\DbAccess.dll
2014-12-18 16:08 - 2014-12-18 16:08 - 00607376 _____ () C:\Program Files\HTC\HTC Sync Manager\sqlite3.dll
2014-08-06 13:41 - 2014-08-06 13:41 - 00059752 _____ () C:\Program Files\HTC\HTC Sync Manager\NAdvLog.dll
2014-08-06 13:41 - 2014-08-06 13:41 - 00036216 _____ () C:\Program Files\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-08-06 13:42 - 2014-08-06 13:42 - 00080248 _____ () C:\Program Files\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-08-06 13:44 - 2014-08-06 13:44 - 00129376 ____C () C:\Program Files\HTC\HTC Sync Manager\zlib1.dll
2014-08-06 13:46 - 2014-08-06 13:46 - 00223592 ____C () C:\Program Files\HTC\HTC Sync Manager\DevConnMon.dll
2013-10-17 16:27 - 2013-10-17 16:27 - 00166912 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2007-06-05 14:20 - 2007-06-05 14:20 - 00177704 _____ () C:\WINDOWS\system32\PSIService.exe
2015-03-13 23:43 - 2015-03-13 23:43 - 38714440 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-12-18 16:10 - 2014-12-18 16:10 - 00821600 _____ () C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
2008-06-24 18:35 - 2008-06-24 18:35 - 01328408 ____C () C:\Program Files\Seagate\DiscWizard\fox.dll
2014-01-10 01:26 - 2014-01-10 01:26 - 01861968 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2014-01-10 01:28 - 2014-01-10 01:28 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2014-11-19 23:14 - 2014-11-19 23:14 - 00438336 _____ () C:\Program Files\Evernote\Evernote\libxml2.dll
2014-11-19 23:14 - 2014-11-19 23:14 - 00320064 _____ () C:\Program Files\Evernote\Evernote\libtidy.dll
2013-07-09 17:37 - 2013-07-09 17:37 - 03391488 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_b4eed146\mscorlib.dll
2013-07-09 17:24 - 2013-07-09 17:24 - 03035136 ____C () c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_9a0d88b2\system.windows.forms.dll
2013-07-09 17:37 - 2013-07-09 17:37 - 00843776 ____C () c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_b769fb61\system.drawing.dll
2013-07-09 17:24 - 2013-07-09 17:24 - 01966080 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_5f21cab9\system.dll
2013-07-09 17:36 - 2013-07-09 17:36 - 02088960 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_8c2dcaf2\system.xml.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-606747145-117609710-839522115-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^User^Start Menu^Programs^Startup^Memeo AutoBackup Launcher.lnk => C:\WINDOWS\pss\Memeo AutoBackup Launcher.lnkStartup
MSCONFIG\startupreg: Corel Photo Downloader => "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
MSCONFIG\startupreg: DeviceDiscovery => C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
MSCONFIG\startupreg: HP Software Update => "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
MSCONFIG\startupreg: IncrediMail => C:\Program Files\IncrediMail\bin\IncMail.exe /c
MSCONFIG\startupreg: Memeo AutoSync => C:\Program Files\Memeo\AutoSync\MemeoLauncher2.exe --silent
MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: Seagate Dashboard => C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
MSCONFIG\startupreg: WinPatrol => C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot

==================== Accounts: =============================

Administrator (S-1-5-21-606747145-117609710-839522115-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-606747145-117609710-839522115-1004 - Limited - Enabled)
Guest (S-1-5-21-606747145-117609710-839522115-501 - Limited - Disabled) => %SystemDrive%\Documents and Settings\Guest
HelpAssistant (S-1-5-21-606747145-117609710-839522115-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-606747145-117609710-839522115-1002 - Limited - Disabled)
User (S-1-5-21-606747145-117609710-839522115-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\User

==================== Faulty Device Manager Devices =============

Name: RADEON X300 SE 128MB HyperMemory Secondary
Description: RADEON X300 SE 128MB HyperMemory Secondary
Class Guid:  TI Technologies Inc.
Manufacturer: ATI Technologies Inc.
Service: ati2mtag
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Parport
Description: Parport
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Parport
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Serial
Description: Serial
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Serial
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/25/2015 06:23:58 PM) (Source: MsiInstaller) (EventID: 11706) (User: LEXY)
Description: Product: PhotoGallery -- Error 1706. An installation package for the product PhotoGallery cannot be found. Try the installation again using a valid copy of the installation package 'PhotoGallery.msi'.


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (03/25/2015 06:23:58 PM) (Source: MsiInstaller) (EventID: 11706) (User: LEXY)
Description: Product: PhotoGallery -- Error 1706. An installation package for the product PhotoGallery cannot be found. Try the installation again using a valid copy of the installation package 'PhotoGallery.msi'.(NULL)(NULL)(NULL)


==================== Memory info ===========================

Processor:  Intel® Pentium® D CPU 3.00GHz
Percentage of memory in use: 33%
Total physical RAM: 2046.09 MB
Available physical RAM: 1361.43 MB
Total Pagefile: 3934.98 MB
Available Pagefile: 3432.25 MB
Total Virtual: 2047.88 MB
Available Virtual: 1929.38 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:229.01 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 208B3481)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#53
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

There is nothing trying to run it except installer. See if the Installer Cleanup Utility has a listing for PhotoGallery.



#54
Lexy610

    Member

  • Topic Starter
  • Member
  • 743 posts

OK it didn't pop back up .. I used the Installer Cleanup Utility .. saw it and deleted it. I rebooted and it started up without that opening again.

 

Now that that's been fixed, I thank you so much for ALL the time and help you have given me.

 

Do I still need to be concerned about my drive? Is it dying or not? Does it need to be replaced?



#55
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

My feeling is that if it failed once it will fail again so I would get Seagate to send you a new drive and clone it.



#56
Lexy610

    Member

  • Topic Starter
  • Member
  • 743 posts

OK not a problem. Will call them tomorrow and will contact you guys as soon as I get it so I can get help on cloning my drive.

 

Thank you all so very very much! :)

