This topic is locked
Hi,
I realised I have a virus after logging into my net banking an "authorization" page came up asking for credit card details 
I'm on XP but in a very similar boat to martin999 here: http://www.geekstogo...moval-programs/
I have tried various things, safe mode, system restore has no points. AVG won't run, Avast won't run, Malwarebytes won't install. I also have run scans of the HDD attached by USB to my spare PC and although both Avast and AVG found issues neither fixed the problem.
I do have p2p stuff on my pc, a lot of it is older, I'm reasonably cautious but I understand the issues and risks.
I'm hoping someone can please help?
Regards,
Damon
FRST Scan:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Work 2 (administrator) on COMPUTER on 14-03-2015 09:17:53
Running from C:\Documents and Settings\Work 2\Desktop
Loaded Profiles: Work 2 & User2 & Administrator (Available profiles: Work 2 & User2 & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lavasoft AB) C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(InterVideo Inc.) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(O&O Software GmbH) C:\WINDOWS\system32\oodag.exe
() C:\Program Files\Cyberlink\Shared files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files\TVersity\Media Server\MediaServer.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\loggingserver.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Wireless Service) C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
(D-Link) C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Hostless Modem\Telstra USB+Wi-Fi\CheckNDISPort_df.exe
(PeerBlock, LLC) C:\Program Files\PeerBlock\peerblock.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
(Google Inc.) C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\dwwin.exe
(Google Inc.) C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BVRPLiveUpdate] => C:\Program Files\Avanquest update\Engine\Setup.exe -s /PATCH,/SRCUPDATEC:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRPSO~1\MOTORO~1\LIVEUP~1\LISTOF~1.DAT
HKLM\...\Run: [ANIWZCS2Service] => C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [49152 2007-01-19] (Wireless Service)
HKLM\...\Run: [D-Link D-Link Wireless G DWA-110] => C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe [1675264 2008-04-15] (D-Link)
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\system32\hkcmd.exe [77824 2006-03-23] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\system32\igfxpers.exe [118784 2006-03-23] (Intel Corporation)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16855552 2007-10-25] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Secure Search\vprot.exe [2503704 2015-03-06] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [TkBellExe] => C:\program files\real\realplayer\update\realsched.exe [273544 2011-07-14] (RealNetworks, Inc.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [CheckNDISPort_df] => C:\Program Files\Hostless Modem\Telstra USB+Wi-Fi\CheckNDISPort_df.exe [442696 2012-09-21] ()
HKLM\...\InprocServer32: [Default-wbemess] wbemess.dll ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-1343024091-1326574676-725345543-1006\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe [2122824 2014-01-14] (PeerBlock, LLC)
HKU\S-1-5-21-1343024091-1326574676-725345543-1006\...\Run: [Google Update] => C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [107912 2014-10-22] (Google Inc.)
HKU\S-1-5-21-1343024091-1326574676-725345543-1006\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1343024091-1326574676-725345543-1006\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31090792 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-1343024091-1326574676-725345543-1006\...\Run: [GoogleChromeAutoLaunch_3DFCF6B2AEB445B8DC09B36EA9332B3A] => C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe [809288 2015-03-07] (Google Inc.)
HKU\S-1-5-21-1343024091-1326574676-725345543-1006\...\MountPoints2: {12ed4923-8c89-11e4-9a6b-001e8cd6744c} - D:\AutoRun.exe
HKU\S-1-5-21-1343024091-1326574676-725345543-1006\...\MountPoints2: {15fe27ef-80d3-11de-9878-00240110331d} - WDSetup.exe
HKU\S-1-5-21-1343024091-1326574676-725345543-1006\...\MountPoints2: {3b2f7023-ea98-11e1-9999-001e8cd6744c} - G:\Install_Nokia_Ovi_Suite.exe
HKU\S-1-5-21-1343024091-1326574676-725345543-1006\...\MountPoints2: {4c61e554-5e6e-11e0-98ed-00240110331d} - G:\AutoRun.exe
HKU\S-1-5-21-1343024091-1326574676-725345543-1006\...\MountPoints2: {4c61e555-5e6e-11e0-98ed-001e8cd6744c} - G:\AutoRun.exe
HKU\S-1-5-21-1343024091-1326574676-725345543-1006\...\MountPoints2: {782b5184-51b0-11e4-9a62-001e8cd6744c} - F:\RunClubSanDisk.exe
HKU\S-1-5-21-1343024091-1326574676-725345543-1006\...\MountPoints2: {f3b1f293-1bea-11e0-98c0-001e8cd6744c} - H:\AutoRun.exe
HKU\S-1-5-21-1343024091-1326574676-725345543-1006\...\MountPoints2: {f3b1f295-1bea-11e0-98c0-001e8cd6744c} - H:\AutoRun.exe
HKU\S-1-5-21-1343024091-1326574676-725345543-1006\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\DOCUME~1\WORK2~1\Desktop\rkill.scr
HKU\S-1-5-21-1343024091-1326574676-725345543-1006\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk
ShortcutTarget: Acrobat Assistant.lnk -> C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Work 2\Application Data\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Work 2\Application Data\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Work 2\Application Data\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Work 2\Application Data\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * OODBSlsdeleteC:\PROGRA~1\AVG\AVG2015\avgrsx.exe /sync /restartsdnclean.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
URLSearchHook: HKU\S-1-5-21-1343024091-1326574676-725345543-1006 - YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\6.2\ytdToolbarIE.dll (Spigot, Inc.)
URLSearchHook: HKU\S-1-5-21-1343024091-1326574676-725345543-1006 - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Documents and Settings\Work 2\Local Settings\Application Data\Vuze_Remote\prxtbVuz2.dll (ClientConnect Ltd.)
URLSearchHook: [S-1-5-21-1343024091-1326574676-725345543-500] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1343024091-1326574676-725345543-1006 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={3B5967ED-C431-421B-AAE6-69DBD5F74162}&mid=d8a3ba98391547d0ba12d157ca329dbf-07f81eec18de6d7910be4bfd46ba7efe7bc681f3&lang=en&ds=AVG&pr=fr&d=2012-10-29 19:45:55&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1343024091-1326574676-725345543-1006 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2504091
SearchScopes: HKU\S-1-5-21-1343024091-1326574676-725345543-1006 -> {F02EF4DB-5280-4E91-B854-AA0795C93A5A} URL = http://au.search.yah...p={searchTerms}
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll No File
BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll [2003-05-15] (Adobe Systems Incorporated)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-10] (Adobe Systems Incorporated)
BHO: EWPBrowseObject Class -> {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} -> C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-06-09] ()
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18] (Oracle Corporation)
BHO: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Secure Search\18.3.0.885\AVG Secure Search_toolbar.dll [2015-03-06] (AVG Secure Search)
BHO: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15] ()
BHO: Vuze Remote Toolbar -> {ba14329e-9550-4989-b3f2-9732e92d17cc} -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Vuze_Remote\prxtbVuz2.dll [2014-09-23] (ClientConnect Ltd.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18] (Oracle Corporation)
BHO: YTD Toolbar -> {F3FEE66E-E034-436a-86E4-9690573BEE8A} -> C:\Program Files\YTD Toolbar\IE\6.2\ytdToolbarIE.dll [2012-07-26] (Spigot, Inc.)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll No File
Toolbar: HKLM - Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2006-06-09] ()
Toolbar: HKLM - YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YTD Toolbar\IE\6.2\ytdToolbarIE.dll [2012-07-26] (Spigot, Inc.)
Toolbar: HKLM - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Documents and Settings\Work 2\Local Settings\Application Data\Vuze_Remote\prxtbVuz2.dll [2014-09-23] (ClientConnect Ltd.)
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.3.0.885\AVG Secure Search_toolbar.dll [2015-03-06] (AVG Secure Search)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15] ()
Toolbar: HKU\S-1-5-21-1343024091-1326574676-725345543-1006 -> Vuze Remote Toolbar - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Documents and Settings\Work 2\Local Settings\Application Data\Vuze_Remote\prxtbVuz2.dll [2014-09-23] (ClientConnect Ltd.)
Toolbar: HKU\S-1-5-21-1343024091-1326574676-725345543-1006 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-1343024091-1326574676-725345543-1006 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15] ()
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll [2007-08-27] (Logitech Inc.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll [2015-03-06] (AVG Secure Search)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Work 2\Application Data\Mozilla\Firefox\Profiles\9fauh4ap.default
FF DefaultSearchEngine.US: Google
FF Homepage: https://www.facebook...s://isohunt.to/
FF Keyword.URL: hxxp://flybuys.search.adlux.com/search/?utm_source=adlux&utm_medium=cpc&ourmark=3&q=
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*'))%20%7B%20return%20'PROXY%20us09.sq.proxmate.me%3A8000%3B%20PROXY%20us04.sq.proxmate.me%3A8000%3B%20PROXY%20us02.sq.proxmate.me%3A8000%3B%20PROXY%20us08.sq.proxmate.me%3A8000%3B%20PROXY%20us10.sq.proxmate.me%3A8000%3B%20PROXY%20us11.sq.proxmate.me%3A8000%3B%20PROXY%20us01.sq.proxmate.me%3A8000%3B%20PROXY%20us06.sq.proxmate.me%3A8000%3B%20PROXY%20us05.sq.proxmate.me%3A8000%3B%20PROXY%20us03.sq.proxmate.me%3A8000%3B%20PROXY%20us07.sq.proxmate.me%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
FF Plugin: @abr.gov.au/KeyMgmtPlugin -> C:\Program Files\ABR\Plug-In\bin\npAUSkeyPlugin.dll [2012-10-25] (Commonwealth Government of Australia)
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-07] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2011-06-10] ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.3.0\\npsitesafety.dll No File
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-21] (CANON INC.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-21] (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-08] (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-04-15] (VideoLAN)
FF Plugin HKU\S-1-5-21-1343024091-1326574676-725345543-1006: @talk.google.com/GoogleTalkPlugin -> C:\Documents and Settings\Work 2\Application Data\Mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)
FF Plugin HKU\S-1-5-21-1343024091-1326574676-725345543-1006: @talk.google.com/O1DPlugin -> C:\Documents and Settings\Work 2\Application Data\Mozilla\plugins\npo1d.dll [2015-01-27] (Google)
FF Plugin HKU\S-1-5-21-1343024091-1326574676-725345543-1006: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin HKU\S-1-5-21-1343024091-1326574676-725345543-1006: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Work 2\Application Data\mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Work 2\Application Data\mozilla\plugins\npo1d.dll [2015-01-27] (Google)
FF SearchPlugin: C:\Documents and Settings\Work 2\Application Data\Mozilla\Firefox\Profiles\9fauh4ap.default\searchplugins\search-to-earn-points.xml [2014-07-05]
FF Extension: Ant Video Downloader - C:\Documents and Settings\Work 2\Application Data\Mozilla\Firefox\Profiles\9fauh4ap.default\Extensions\[email protected] [2015-03-07]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Documents and Settings\Work 2\Application Data\Mozilla\Firefox\Profiles\9fauh4ap.default\Extensions\[email protected] [2015-03-07]
FF Extension: Blur (Formerly DoNotTrackMe) - C:\Documents and Settings\Work 2\Application Data\Mozilla\Firefox\Profiles\9fauh4ap.default\Extensions\[email protected] [2014-11-22]
FF Extension: NetVideoHunter - C:\Documents and Settings\Work 2\Application Data\Mozilla\Firefox\Profiles\9fauh4ap.default\Extensions\[email protected] [2015-03-04]
FF Extension: Youtube Downloader - 4K Download - C:\Documents and Settings\Work 2\Application Data\Mozilla\Firefox\Profiles\9fauh4ap.default\Extensions\[email protected] [2015-03-07]
FF Extension: EPUBReader - C:\Documents and Settings\Work 2\Application Data\Mozilla\Firefox\Profiles\9fauh4ap.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2015-02-13]
FF Extension: FireFTP - C:\Documents and Settings\Work 2\Application Data\Mozilla\Firefox\Profiles\9fauh4ap.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2015-01-16]
FF Extension: DownloadHelper - C:\Documents and Settings\Work 2\Application Data\Mozilla\Firefox\Profiles\9fauh4ap.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-07]
FF Extension: Vuze Remote - C:\Documents and Settings\Work 2\Application Data\Mozilla\Firefox\Profiles\9fauh4ap.default\Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} [2015-01-15]
FF Extension: Add to Amazon Wish List Button - C:\Documents and Settings\Work 2\Application Data\Mozilla\Firefox\Profiles\9fauh4ap.default\Extensions\[email protected] [2012-10-31]
FF Extension: YouTube Video and Audio Downloader - C:\Documents and Settings\Work 2\Application Data\Mozilla\Firefox\Profiles\9fauh4ap.default\Extensions\[email protected] [2014-03-06]
FF Extension: ProxMate - C:\Documents and Settings\Work 2\Application Data\Mozilla\Firefox\Profiles\9fauh4ap.default\Extensions\[email protected] [2014-03-06]
FF Extension: QR Decoder - C:\Documents and Settings\Work 2\Application Data\Mozilla\Firefox\Profiles\9fauh4ap.default\Extensions\[email protected] [2012-11-04]
FF Extension: Rainbow - C:\Documents and Settings\Work 2\Application Data\Mozilla\Firefox\Profiles\9fauh4ap.default\Extensions\[email protected] [2012-03-18]
FF Extension: Tile Tabs - C:\Documents and Settings\Work 2\Application Data\Mozilla\Firefox\Profiles\9fauh4ap.default\Extensions\[email protected] [2011-08-11]
FF Extension: RSS Ticker - C:\Documents and Settings\Work 2\Application Data\Mozilla\Firefox\Profiles\9fauh4ap.default\Extensions\{1f91cde0-c040-11da-a94d-0800200c9a66}.xpi [2012-12-28]
FF Extension: Mobile Barcoder - C:\Documents and Settings\Work 2\Application Data\Mozilla\Firefox\Profiles\9fauh4ap.default\Extensions\{A5C87640-F7CF-11DA-974D-0800200C9A66}.xpi [2012-11-04]
FF Extension: Modify Headers - C:\Documents and Settings\Work 2\Application Data\Mozilla\Firefox\Profiles\9fauh4ap.default\Extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi [2012-03-27]
FF Extension: Easy YouTube Video Downloader - C:\Documents and Settings\Work 2\Application Data\Mozilla\Firefox\Profiles\9fauh4ap.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi [2012-10-30]
FF Extension: flybuys Toolbar - C:\Documents and Settings\Work 2\Application Data\Mozilla\Firefox\Profiles\9fauh4ap.default\Extensions\{d8c4975b-9e4b-4574-b5ab-67fe58455a95}.xpi [2012-12-01]
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\Documents and Settings\All Users\Application Data\AVG Secure Search\FireFoxExt\18.3.0.885
FF Extension: AVG Security Toolbar - C:\Documents and Settings\All Users\Application Data\AVG Secure Search\FireFoxExt\18.3.0.885 [2015-03-06]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.nutritionforliving.com.au/wp-login.php?redirect_to=http%3A%2F%2Fwww.nutritionforliving.com.au%2Fwp-admin%2Fplugins.php&reauth=1", "hxxp://www.veganspeaks.com.au/wp-login.php?redirect_to=http%3A%2F%2Fwww.veganspeaks.com.au%2Fwp-admin%2Fnetwork%2Fplugins.php%3Ferror%3Dtrue%26main%3Dtrue%26plugin_status%3Dall%26paged%3D1%26s%3D&reauth=1"
CHR Profile: C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Dualless) - C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bgdpkilkheacbboffppjgceiplijhfpd [2014-05-15]
CHR Extension: (Tab Resize - split screen layouts) - C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bkpenclhmiealbebdopglffmfdiilejc [2014-05-15]
CHR Extension: (Tab Scissors) - C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cdochbecpfdpjobpgnacnbepkgcfhoek [2014-05-15]
CHR Extension: (Share link via email) - C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejdbkikfbnnhmachnnomjfgjbgkcnjkb [2014-05-16]
CHR Extension: (Dual View Split Screen) - C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gmdbkgponhaodlapckmpicgahloncdog [2014-05-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Chrome Reader) - C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lojpenhmoajbiciapkjkiekmobleogjc [2012-08-13]
CHR Extension: (Hangouts) - C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-08-02]
CHR Extension: (AVG Security Toolbar) - C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2012-10-30]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-13]
CHR Extension: (Vuze Remote) - C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk [2012-10-08]
CHR Extension: (Google Reader) - C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm [2012-08-13]
CHR Extension: (Send Link by Email or Gmail) - C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\plcgkgghkdfgfhiidfjkhmainebgmklf [2014-05-16]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value
CHR HKLM\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files\Common Files\Spigot\GC\coupons_2.1.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Documents and Settings\All Users\Application Data\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx [2014-01-09]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - No Path Or update_url value
CHR HKLM\...\Chrome\Extension: [ojpijjmpahflnipadmlpgbjmagmjchkk] - C:\Documents and Settings\Work 2\Local Settings\Application Data\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx [2012-09-20]
CHR HKU\S-1-5-21-1343024091-1326574676-725345543-1006\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ojpijjmpahflnipadmlpgbjmagmjchkk] - C:\Documents and Settings\Work 2\Local Settings\Application Data\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx [2012-09-20]
StartMenuInternet: chrome.exe - C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aawservice; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [561152 2007-06-05] (Lavasoft AB) [File not signed]
S2 ANIWZCSdService; C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe [49152 2007-01-19] (Wireless Service) [File not signed]
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
S3 idsvc; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [741376 2006-10-30] (Microsoft Corporation) [File not signed]
S3 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2006-10-19] (Hewlett-Packard Company) [File not signed]
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE [2918008 2007-01-05] (Symantec Corporation)
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [43520 2008-01-16] (Hewlett-Packard) [File not signed]
R2 O&O Defrag; C:\WINDOWS\system32\oodag.exe [1050120 2007-05-11] (O&O Software GmbH)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2008-01-16] (Hewlett-Packard) [File not signed]
S2 PS3 Media Server; C:\Program Files\PS3 Media Server\win32\service\wrapper.exe [366872 2011-05-17] (Tanuki Software, Ltd.)
R2 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [272024 2007-05-19] ()
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TVersityMediaServer; C:\Program Files\TVersity\Media Server\MediaServer.exe [1249064 2011-07-30] ()
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [67056 2007-03-03] (Ulead Systems, Inc.)
R2 vToolbarUpdater18.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe [1802776 2015-03-06] (AVG Secure Search)
S2 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [913408 2006-10-18] (Microsoft Corporation) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ANIO; C:\WINDOWS\system32\ANIO.SYS [28195 2007-05-12] (Alpha Networks Inc.) [File not signed]
R2 Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [16512 2007-11-16] (Adaptec) [File not signed]
S3 AtcL001; C:\WINDOWS\System32\DRIVERS\atl01_xp.sys [35712 2006-08-22] (Attansic Technology corporation.)
R3 AtcL002; C:\WINDOWS\System32\DRIVERS\l251x86.sys [30720 2007-10-17] (Atheros Communications, Inc.)
S3 AVEO; C:\WINDOWS\System32\DRIVERS\AVEOdcnt.sys [224256 2010-01-21] (AVEO Corp) [File not signed]
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [192792 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [154904 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [200984 2014-10-10] (AVG Technologies CZ, s.r.o.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2007-11-02] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2007-11-02] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2007-11-02] (HP)
R2 LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys [3712 2006-05-25] (Logitech, Inc.) [File not signed]
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35088 2011-02-12] (CACE Technologies, Inc.)
R3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [19016 2014-01-14] ()
S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [16472 2011-05-06] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [11104 2011-05-06] ()
R3 RT73; C:\WINDOWS\System32\DRIVERS\Dr71WU.sys [459520 2008-01-15] (Ralink Technology, Corp.)
R1 SCDEmu; C:\WINDOWS\system32\Drivers\SCDEmu.sys [26844 2006-03-18] (PowerISO Computing, Inc.) [File not signed]
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
R1 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R3 teamviewervpn; C:\WINDOWS\System32\DRIVERS\teamviewervpn.sys [25088 2013-10-18] (TeamViewer GmbH)
S3 usbsermptxp; C:\WINDOWS\System32\DRIVERS\usbsermptxp.sys [25600 2007-10-19] (Microsoft Corporation)
S3 BS2561008352; \??\C:\DOCUME~1\WORK2~1\LOCALS~1\Temp\NTFS.sys [X]
S3 Bulk1528; System32\Drivers\Bulk1528.sys [X]
S2 Ca1528av; System32\Drivers\Ca1528av.sys [X]
S3 HTCAND32; System32\Drivers\ANDROIDUSB.sys [X]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-14 09:17 - 2015-03-14 09:18 - 00037680 _____ () C:\Documents and Settings\Work 2\Desktop\FRST.txt
2015-03-14 09:16 - 2015-03-14 09:16 - 01135104 _____ (Farbar) C:\Documents and Settings\Work 2\Desktop\FRST.exe
2015-03-14 09:09 - 2015-03-14 09:16 - 00015032 _____ () C:\WINDOWS\system32\DB2561008352
2015-03-14 08:58 - 2015-03-14 09:00 - 20447072 _____ (Malwarebytes Corporation ) C:\Documents and Settings\Work 2\Desktop\mbam-setup-2.0.4.1028.exe
2015-03-14 08:35 - 2015-03-11 07:26 - 04197016 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\Administrator\Desktop\tdsskiller.exe
2015-03-14 07:36 - 2015-03-14 07:36 - 00065536 _____ () C:\WINDOWS\Minidump\Mini031415-01.dmp
2015-03-13 07:29 - 2015-03-13 07:29 - 00000000 ____D () C:\Documents and Settings\Work 2\Desktop\FRST-OlderVersion
2015-03-11 07:26 - 2015-03-11 07:26 - 04197016 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\Work 2\Desktop\tdsskiller.exe
2015-03-11 07:26 - 2015-03-11 07:26 - 00259584 _____ (OldTimer Tools) C:\Documents and Settings\Work 2\Desktop\OTH.scr
2015-03-11 07:18 - 2015-03-14 09:18 - 00000000 ____D () C:\FRST
2015-03-09 21:10 - 2015-03-09 21:10 - 00000027 _____ () C:\Documents and Settings\User2\Application Data\mbam.context.scan
2015-03-09 21:03 - 2015-03-09 21:03 - 00000000 ____D () C:\Documents and Settings\User2\Local Settings\Application Data\Sun
2015-03-09 21:03 - 2015-03-09 21:03 - 00000000 ____D () C:\Documents and Settings\User2\Application Data\Sun
2015-03-09 20:58 - 2015-03-09 20:58 - 00000000 ____D () C:\Documents and Settings\User2\Local Settings\Application Data\Avg2015
2015-03-09 20:58 - 2015-03-09 20:58 - 00000000 ____D () C:\Documents and Settings\User2\Local Settings\Application Data\AVG Secure Search
2015-03-09 20:58 - 2015-03-09 20:58 - 00000000 ____D () C:\Documents and Settings\User2\Application Data\Real
2015-03-09 20:58 - 2015-03-09 20:58 - 00000000 ____D () C:\Documents and Settings\User2\Application Data\AVG Secure Search
2015-03-09 20:57 - 2015-03-10 05:46 - 00000178 ___SH () C:\Documents and Settings\User2\ntuser.ini
2015-03-09 20:57 - 2015-03-10 05:45 - 00000000 ____D () C:\Documents and Settings\User2\Local Settings\Temp
2015-03-09 20:57 - 2015-03-09 20:57 - 00000796 _____ () C:\Documents and Settings\User2\Start Menu\Programs\Windows Media Player.lnk
2015-03-09 20:57 - 2015-03-09 20:57 - 00000771 _____ () C:\Documents and Settings\User2\Start Menu\Programs\Internet Explorer.lnk
2015-03-09 20:57 - 2015-03-09 20:57 - 00000742 _____ () C:\Documents and Settings\User2\Start Menu\Programs\Outlook Express.lnk
2015-03-09 20:57 - 2015-03-09 20:57 - 00000000 __SHD () C:\Documents and Settings\User2\IETldCache
2015-03-09 20:57 - 2015-03-09 20:57 - 00000000 ___RD () C:\Documents and Settings\User2\Start Menu\Programs\Accessories
2015-03-09 20:57 - 2015-03-09 20:57 - 00000000 ____D () C:\Documents and Settings\User2
2015-03-09 20:57 - 2012-10-13 09:59 - 00000000 ____D () C:\Documents and Settings\User2\Application Data\TuneUp Software
2015-03-09 20:57 - 2011-02-10 15:05 - 00001609 _____ () C:\Documents and Settings\User2\Start Menu\Programs\Remote Assistance.lnk
2015-03-09 20:57 - 2011-01-24 17:49 - 00000000 ____D () C:\Documents and Settings\User2\Application Data\Macromedia
2015-03-09 20:57 - 2007-09-18 11:22 - 00001688 _____ () C:\Documents and Settings\User2\Desktop\Cyberlink PowerDirector.lnk
2015-03-09 20:57 - 2007-09-18 11:22 - 00000000 ____D () C:\Documents and Settings\User2\Start Menu\Programs\Cyberlink PowerDirector
2015-03-09 20:27 - 2015-03-09 20:27 - 04579240 _____ (AVG Technologies) C:\Documents and Settings\Work 2\Desktop\avg_isct_stb_all_2015_5315_cm5.exe
2015-03-09 20:27 - 2015-03-09 20:27 - 04579240 _____ (AVG Technologies) C:\avg_isct_stb_all_2015_5315_cm5.exe
2015-03-09 18:38 - 2015-03-08 13:12 - 05475064 _____ (Avast Software s.r.o.) C:\Documents and Settings\Work 2\Desktop\avast_free_antivirus_setup_online.exe
2015-03-08 13:10 - 2015-03-08 13:12 - 05475064 _____ (Avast Software s.r.o.) C:\avast_free_antivirus_setup_online.exe
2015-03-08 12:57 - 2015-03-08 12:01 - 00451115 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20150308-125715.backup
2015-03-08 12:01 - 2015-03-08 11:54 - 00451115 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20150308-120131.backup
2015-03-08 11:54 - 2011-03-09 20:01 - 00001216 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20150308-115437.backup
2015-03-08 11:45 - 2015-03-08 11:45 - 00000000 ____D () C:\Documents and Settings\Work 2\My Documents\ProcAlyzer Dumps
2015-03-08 11:16 - 2015-03-08 12:26 - 00065536 _____ () C:\WINDOWS\system32\config\SpybotSD.evt
2015-03-08 11:15 - 2015-03-11 07:33 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2015-03-08 10:42 - 2015-03-08 10:43 - 46525608 _____ (Safer-Networking Ltd. ) C:\Documents and Settings\Work 2\Desktop\spybot-2.4.exe
2015-03-08 10:26 - 2015-03-08 10:26 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Application Data\Avg2015
2015-03-08 10:25 - 2015-03-08 10:25 - 00000000 __SHD () C:\Documents and Settings\Administrator\IETldCache
2015-03-08 10:24 - 2015-03-14 08:38 - 00000178 ___SH () C:\Documents and Settings\Administrator\ntuser.ini
2015-03-08 10:24 - 2015-03-14 08:34 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Temp
2015-03-08 10:24 - 2015-03-08 10:25 - 00000000 ____D () C:\Documents and Settings\Administrator
2015-03-08 10:24 - 2012-10-13 09:59 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\TuneUp Software
2015-03-08 10:24 - 2011-02-10 15:05 - 00001609 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk
2015-03-08 10:24 - 2011-02-10 15:04 - 00000000 ___RD () C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
2015-03-08 10:24 - 2011-01-24 17:49 - 00000000 ____D () C:\Documents and Settings\Administrator\Application Data\Macromedia
2015-03-08 10:24 - 2007-09-18 11:22 - 00001688 _____ () C:\Documents and Settings\Administrator\Desktop\Cyberlink PowerDirector.lnk
2015-03-08 10:24 - 2007-09-18 11:22 - 00000000 ____D () C:\Documents and Settings\Administrator\Start Menu\Programs\Cyberlink PowerDirector
2015-03-08 10:14 - 2015-03-08 10:14 - 04800936 _____ (AVG Technologies) C:\Documents and Settings\Work 2\Desktop\avg_free_stb_all_5751p1_177.exe
2015-03-08 07:00 - 2015-03-08 07:00 - 00065536 _____ () C:\WINDOWS\Minidump\Mini030815-01.dmp
2015-03-07 21:22 - 2015-03-07 21:22 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 9
2015-03-07 09:37 - 2015-03-13 03:59 - 01133868 _____ () C:\WINDOWS\system32\CFG2561008352
2015-03-01 17:46 - 2015-03-01 17:51 - 00828994 _____ () C:\Documents and Settings\Work 2\Desktop\glf.mp4
2015-02-22 12:29 - 2015-02-22 12:29 - 03037217 _____ () C:\Documents and Settings\Work 2\Desktop\Intro to veganism2 Narration.wma
2015-02-22 09:28 - 2015-02-22 09:28 - 00019456 _____ () C:\Documents and Settings\Work 2\Desktop\Intro to veganism.MSWMM
2015-02-22 09:14 - 2015-02-22 09:14 - 00001701 _____ () C:\Documents and Settings\Work 2\Desktop\v.utf
2015-02-22 08:50 - 2015-02-22 08:50 - 00003771 _____ () C:\Documents and Settings\Work 2\Desktop\Do you believe.utf.txt
2015-02-22 08:44 - 2015-02-22 09:06 - 00003771 _____ () C:\Documents and Settings\Work 2\Desktop\Do you believe.txt
2015-02-21 11:30 - 2015-02-21 11:30 - 04535732 _____ () C:\Documents and Settings\Work 2\Desktop\MyPost_Deliveries.mp4
2015-02-15 11:13 - 2015-02-15 11:13 - 00000016 ____H () C:\Documents and Settings\SyncToy_aa29d182-7c79-4e0d-ad30-a891204c8004.dat
2015-02-15 10:06 - 2015-02-15 10:06 - 00007758 _____ () C:\Documents and Settings\Work 2\Desktop\Mix 1.xspf
2015-02-14 12:59 - 2015-02-14 12:59 - 00012110 _____ () C:\Documents and Settings\Work 2\Desktop\Gwen.xspf
2015-02-12 06:43 - 2015-02-15 12:48 - 00000007 _____ () C:\WINDOWS\system32\ANIWZCSUSERNAME{7EF6EEBD-2E61-42CD-A876-2028A185E7DF}
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-14 09:18 - 2008-10-14 14:28 - 00000000 ____D () C:\Documents and Settings\Work 2\Local Settings\Temp
2015-03-14 08:45 - 2013-01-04 08:24 - 00406408 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-14 08:43 - 2010-03-01 06:36 - 00000000 ____D () C:\Documents and Settings\Work 2\Application Data\Skype
2015-03-14 08:42 - 2011-01-02 10:20 - 00000000 ____D () C:\Program Files\PeerBlock
2015-03-14 08:42 - 2009-10-27 13:28 - 00003284 _____ () C:\WINDOWS\system32\ANIWZCS{ABC6C283-2BF8-45CA-8598-F5669FA7FF12}
2015-03-14 08:41 - 2009-10-27 13:27 - 00000007 _____ () C:\WINDOWS\system32\ANIWZCSUSERNAME{ABC6C283-2BF8-45CA-8598-F5669FA7FF12}
2015-03-14 08:41 - 2009-08-04 15:45 - 00000007 _____ () C:\WINDOWS\system32\ANIWZCSUSERNAME
2015-03-14 08:41 - 2007-08-08 06:59 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Temp
2015-03-14 08:40 - 2009-03-26 03:00 - 00000260 _____ () C:\WINDOWS\Tasks\WGASetup.job
2015-03-14 08:39 - 2013-06-01 03:12 - 00000350 _____ () C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2015-03-14 08:39 - 2013-02-02 09:08 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-14 08:39 - 2011-08-15 15:40 - 00000000 ____D () C:\Program Files\PS3 Media Server
2015-03-14 08:39 - 2011-08-14 18:09 - 00265532 _____ () C:\WINDOWS\system32\TVersityMediaServer.log
2015-03-14 08:39 - 2011-07-14 09:46 - 00000280 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1343024091-1326574676-725345543-1006.job
2015-03-14 08:39 - 2007-08-10 12:09 - 01159516 _____ () C:\WINDOWS\system32\oodbs.lor
2015-03-14 08:39 - 2007-08-08 06:59 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-14 08:39 - 2007-08-08 02:30 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-03-14 08:39 - 2007-08-08 02:30 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-03-14 08:29 - 2008-10-14 14:28 - 00000278 ___SH () C:\Documents and Settings\Work 2\ntuser.ini
2015-03-14 08:29 - 2007-08-08 06:59 - 00032618 _____ () C:\WINDOWS\SchedLgU.Txt
2015-03-14 08:22 - 2011-07-16 20:24 - 00000982 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-1326574676-725345543-1006UA.job
2015-03-14 07:36 - 2009-09-15 12:51 - 00000000 ____D () C:\WINDOWS\Minidump
2015-03-14 07:36 - 2004-08-04 22:00 - 00012598 _____ () C:\WINDOWS\system32\wpa.dbl
2015-03-14 07:35 - 2011-02-11 00:38 - 2138218496 _____ () C:\WINDOWS\MEMORY.DMP
2015-03-13 21:46 - 2010-12-06 20:55 - 00000000 ____D () C:\Documents and Settings\Work 2\Application Data\vlc
2015-03-13 21:39 - 2011-01-02 10:22 - 00000000 ____D () C:\Documents and Settings\Work 2\Application Data\uTorrent
2015-03-13 21:34 - 2012-10-13 10:37 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-13 21:30 - 2013-02-02 09:08 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-13 18:08 - 2012-10-23 07:56 - 00000000 ____D () C:\Documents and Settings\Work 2\Application Data\PriceGong
2015-03-13 08:40 - 2011-10-15 09:13 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2015-03-13 07:22 - 2011-07-16 20:24 - 00000930 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-1326574676-725345543-1006Core.job
2015-03-13 05:45 - 2014-10-24 06:43 - 00000556 _____ () C:\WINDOWS\Tasks\Casper XP Scheduled Copy of Disk 1 to Disk 2.job
2015-03-12 20:14 - 2012-10-07 21:53 - 00000000 ____D () C:\Documents and Settings\Work 2\Application Data\Azureus
2015-03-12 12:46 - 2011-07-14 09:46 - 00000288 _____ () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1343024091-1326574676-725345543-1006.job
2015-03-11 18:00 - 2011-02-10 20:12 - 00000000 ____D () C:\Documents and Settings\Work 2\My Documents\Desktop Temp
2015-03-11 07:08 - 2012-10-07 21:52 - 00000000 ____D () C:\Documents and Settings\Work 2\Local Settings\Application Data\Vuze_Remote
2015-03-11 07:05 - 2010-01-13 15:44 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2015-03-11 07:05 - 2010-01-13 15:43 - 00000000 ____D () C:\Program Files\Symantec
2015-03-11 07:05 - 2010-01-13 15:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Symantec
2015-03-11 07:04 - 2007-08-08 11:22 - 00000000 ____D () C:\Program Files\ESET
2015-03-11 06:54 - 2012-09-21 07:54 - 00001242 _____ () C:\WINDOWS\wininit.ini
2015-03-11 06:54 - 2007-08-09 11:10 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2015-03-10 17:54 - 2013-06-12 19:50 - 00006174 _____ () C:\WINDOWS\setupact.log
2015-03-10 17:54 - 2013-01-11 08:11 - 00511508 _____ () C:\WINDOWS\setupapi.log
2015-03-10 12:41 - 2007-08-09 12:14 - 00000000 ____D () C:\Documents and Settings\Work 2\My Documents\Software
2015-03-10 12:31 - 2008-10-21 16:56 - 00000000 ____D () C:\Documents and Settings\Work 2\My Documents\Shaun Shared
2015-03-10 05:46 - 2014-07-23 19:51 - 00000007 _____ () C:\WINDOWS\system32\ANIWZCSUSERNAME{02F3C557-80E4-415C-A588-B850710C9CA3}
2015-03-09 20:57 - 2013-10-16 14:48 - 00002801 _____ () C:\WINDOWS\wmsetup.log
2015-03-08 12:32 - 2015-01-24 17:40 - 00000007 _____ () C:\WINDOWS\system32\ANIWZCSUSERNAME{E096EEF9-C664-46EA-AA51-3939B376610F}
2015-03-08 12:01 - 2007-08-08 02:25 - 00000245 ___SH () C:\boot.ini
2015-03-08 11:15 - 2007-08-09 11:10 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2015-03-08 07:23 - 2007-08-08 06:54 - 00000000 ____D () C:\WINDOWS\Registration
2015-03-07 21:24 - 2014-08-09 01:11 - 00000771 _____ () C:\WINDOWS\system32\TeamViewer9_Hooks.log
2015-03-07 18:43 - 2011-10-20 18:37 - 00000000 ____D () C:\WINDOWS\system32\oodag
2015-03-07 18:39 - 2008-10-14 14:34 - 00000000 ____D () C:\Documents and Settings\Work 2\My Documents\Damon
2015-03-07 00:47 - 2012-09-25 22:43 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2015-03-06 17:28 - 2012-11-09 04:21 - 00000000 ____D () C:\WINDOWS\system32\cache
2015-03-06 17:28 - 2012-10-29 19:45 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search
2015-03-06 17:28 - 2012-10-29 19:45 - 00000000 ____D () C:\Program Files\AVG Secure Search
2015-03-01 17:52 - 2014-12-19 19:55 - 00000000 ____D () C:\Documents and Settings\Work 2\Desktop\GLF vids
2015-02-22 16:54 - 2011-03-17 21:16 - 00000000 ____D () C:\Documents and Settings\Work 2\Local Settings\Application Data\WMTools Downloaded Files
2015-02-22 16:23 - 2008-12-09 21:14 - 00066048 _____ () C:\Documents and Settings\Work 2\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-21 18:16 - 2011-08-14 18:09 - 01024199 _____ () C:\WINDOWS\system32\TVersityMediaServer.log.1
2015-02-21 12:45 - 2010-03-01 06:35 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Skype
2015-02-21 12:44 - 2010-03-01 06:35 - 00000000 ___RD () C:\Program Files\Skype
2015-02-21 11:23 - 2015-01-09 08:08 - 00014251 _____ () C:\Documents and Settings\Work 2\Desktop\Change of Address Jan 2015.xlsx
2015-02-20 17:58 - 2014-06-15 08:18 - 00133632 ___SH () C:\Documents and Settings\Work 2\Desktop\Thumbs.db
2015-02-16 08:03 - 2008-10-14 14:28 - 00000000 ____D () C:\Documents and Settings\Work 2
2015-02-15 11:57 - 2015-02-11 06:43 - 00000007 _____ () C:\WINDOWS\system32\ANIWZCSUSERNAME{2E5E5122-B8B0-41BA-84DC-5B12E3F13377}
2015-02-15 11:57 - 2011-02-15 22:43 - 01789952 _____ () C:\Documents and Settings\Work 2\Local Settings\Application Data\filesync.metadata
2015-02-15 11:12 - 2011-02-15 22:43 - 00002259 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\SyncToy 2.0.lnk
2015-02-14 10:08 - 2007-08-08 02:28 - 00605412 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
==================== Files in the root of some directories =======
2013-06-27 10:13 - 2014-06-28 08:28 - 0003728 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2011-03-30 20:28 - 2011-03-30 20:31 - 0000132 _____ () C:\Documents and Settings\Work 2\Application Data\Adobe BMP Format CS5 Prefs
2011-03-31 11:25 - 2014-02-26 14:35 - 0000132 _____ () C:\Documents and Settings\Work 2\Application Data\Adobe GIF Format CS5 Prefs
2011-07-12 13:40 - 2014-08-10 11:27 - 0000132 _____ () C:\Documents and Settings\Work 2\Application Data\Adobe PNG Format CS5 Prefs
2013-10-20 13:51 - 2014-03-09 11:59 - 0000096 _____ () C:\Documents and Settings\Work 2\Application Data\Camdata.ini
2013-10-20 13:51 - 2014-03-09 11:59 - 0000408 _____ () C:\Documents and Settings\Work 2\Application Data\CamLayout.ini
2013-10-20 13:51 - 2014-03-09 11:59 - 0000408 _____ () C:\Documents and Settings\Work 2\Application Data\CamShapes.ini
2013-10-20 13:51 - 2014-03-09 11:59 - 0004510 _____ () C:\Documents and Settings\Work 2\Application Data\CamStudio.cfg
2011-07-20 14:30 - 2013-11-15 11:49 - 0001456 _____ () C:\Documents and Settings\Work 2\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
2008-12-09 21:14 - 2015-02-22 16:23 - 0066048 _____ () C:\Documents and Settings\Work 2\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-02-15 22:43 - 2015-02-15 11:57 - 1789952 _____ () C:\Documents and Settings\Work 2\Local Settings\Application Data\filesync.metadata
2008-10-14 14:29 - 2008-10-14 14:29 - 0000129 _____ () C:\Documents and Settings\Work 2\Local Settings\Application Data\fusioncache.dat
ZeroAccess:
C:\Windows\Installer\{0a52bac8-e97c-961b-ec61-eb84061522eb}
C:\Windows\Installer\{0a52bac8-e97c-961b-ec61-eb84061522eb}\@
ZeroAccess:
C:\Documents and Settings\Work 2\Local Settings\Application Data\{0a52bac8-e97c-961b-ec61-eb84061522eb}
C:\Documents and Settings\Work 2\Local Settings\Application Data\{0a52bac8-e97c-961b-ec61-eb84061522eb}\@
C:\Documents and Settings\Work 2\Local Settings\Application Data\{0a52bac8-e97c-961b-ec61-eb84061522eb}\U\00000001.@
Some content of TEMP:
====================
C:\Documents and Settings\Work 2\Local Settings\Temp\DataCard_Setup.exe
C:\Documents and Settings\Work 2\Local Settings\Temp\ResetDevice.exe
C:\Documents and Settings\Work 2\Local Settings\Temp\_isB15.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Work 2 at 2015-03-14 09:19:07
Running from C:\Documents and Settings\Work 2\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Eset NOD32 antivirus system 2.51 (Enabled - Out of date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM\...\uTorrent) (Version: 3.2.2.28110 - BitTorrent Inc.)
32 Bit HP CIO Components Installer (Version: 2.1.0 - Hewlett-Packard) Hidden
Ad-Aware 2007 (HKLM\...\{0E6AB9FC-76C2-431B-9C06-6C1CFFFEA8EB}) (Version: 7.0.1.2 - Lavasoft)
Adobe Acrobat 6.0 Professional - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-7760-000000000001}) (Version: 006.000.000 - Adobe Systems)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.4.0.2540 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 9 ActiveX (HKLM\...\ShockwaveFlash) (Version: 9 - Adobe Systems)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader X (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Amazon Send to Kindle (HKLM\...\SendToKindle) (Version: 1.0.0.192 - Amazon)
ANIO Service (HKLM\...\{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}) (Version: - )
ANIWZCS2 Service (HKLM\...\{4C590030-7469-453E-8589-D15DA9D03F52}) (Version: - )
Any DVD Cloner Platinum 1.2.0 (HKLM\...\Any DVD Cloner Platinum_is1) (Version: - dvdsmith.com)
Any Video Converter Professional 5.0.8 (HKLM\...\Any Video Converter Professional_is1) (Version: - Any-Video-Converter.com)
AnyCAD Viewer 2011 (HKLM\...\{65147B19-6211-43E1-9897-EA6AC44D4E24}) (Version: 2.5.0 - AnyCAD Solution)
Apple Application Support (HKLM\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}) (Version: 4.0.0.96 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft MediaConverter 2 (HKLM\...\{33295076-A0D0-49B8-9EA0-A9AB3631CDC8}) (Version: - ArcSoft)
AsusUpdate (HKLM\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: - )
Attansic Giga Ethernet Utility (HKLM\...\{1F698102-5739-441E-96F0-74F4EA540F06}) (Version: 1.0 - )
Attansic L1 Gigabit Ethernet Driver (HKLM\...\AtcL1) (Version: - )
AUSkey software 1.4.4 (HKLM\...\{24D37B30-83B4-46A7-A691-30F2FCEAE58E}) (Version: 1.4.4 - ABR)
Australian City Streets Ver 3 (HKLM\...\{F23E8E20-48E0-44C4-87B0-1151FAADF7F0}) (Version: 5.0.0.3 - UBD)
Avanquest update (HKLM\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.12 - Avanquest Software)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5645 - AVG Technologies)
AVG 2015 (Version: 15.0.4299 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5645 - AVG Technologies) Hidden
AVG Security Toolbar (HKLM\...\AVG Secure Search) (Version: 18.3.0.885 - AVG Technologies)
Avidemux 2.5 (32-bit) (HKLM\...\Avidemux 2.5) (Version: 2.5.4.7200 - )
AxCrypt (Remove Only) (HKLM\...\AxCrypt) (Version: - Axon Data)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Bullzip PDF Printer 4.0.0.463 (HKLM\...\Bullzip PDF Printer_is1) (Version: - Bullzip)
Bundled software uninstaller (HKLM\...\bi_uninstaller) (Version: - ) <==== ATTENTION
calibre (HKLM\...\{8DE7A656-A244-47C6-BB05-D412820FDA3C}) (Version: 0.8.48 - Kovid Goyal)
CamStudio version 2.7 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
Canon Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: - )
Canon iP4300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4300) (Version: - )
Canon MG2100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series) (Version: - )
Canon MG2100 series On-screen Manual (HKLM\...\Canon MG2100 series On-screen Manual) (Version: - )
Canon MP Navigator EX 4.0 (HKLM\...\MP Navigator EX 4.0) (Version: - )
Canon MP Navigator EX 5.0 (HKLM\...\MP Navigator EX 5.0) (Version: - )
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Canon Setup Utility 2.3 (HKLM\...\Canon Setup Utility 2.3) (Version: - )
Canon Solution Menu EX (HKLM\...\CanonSolutionMenuEX) (Version: - )
Canon Utilities Easy-PhotoPrint (HKLM\...\Easy-PhotoPrint) (Version: - )
Canon Utilities Easy-PrintToolBox (HKLM\...\Easy-PrintToolBox) (Version: - )
Casper XP (HKLM\...\{243FA669-BEA1-4FD7-906F-DAF000D6B33A}) (Version: 3.0.224 - Future Systems Solutions, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform)
CD-LabelPrint (HKLM\...\MediaNavigation.CDLabelPrint) (Version: - )
Centrebet.net (HKLM\...\Centrebet Poker.NET) (Version: - )
CL-Eye Driver (HKLM\...\CL-Eye Driver) (Version: 5.3.0.0341 - Code Laboratories, Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6021.5000 - Microsoft Corporation)
ConvertHelper 2.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
Core FTP LE (HKLM\...\CoreFTP) (Version: - )
DaeViewer (HKLM\...\DaeViewer.76CE1EF822E2E36CA97855F1F5AE3A25B8F1B9B8.1) (Version: v1 - UNKNOWN)
DaeViewer (Version: 1 - UNKNOWN) Hidden
DeviceFunctionQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DivX Codec (HKLM\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.8.0 - DivX, Inc.)
DivX Content Uploader (HKLM\...\{D050D7362D214723AD585B541FFB6C11}) (Version: 1.2.1 - DivX, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 6.5.1 - DivX, Inc.)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.0.34 - DivX, LLC)
DivX Web Player (HKLM\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.4.0 - DivX,Inc.)
D-Link Wireless G DWA-110 (HKLM\...\{5F753314-628E-4C13-B8AE-BFA7FD514CBE}) (Version: - D-Link)
DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DocumentViewerQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-1343024091-1326574676-725345543-1006\...\Dropbox) (Version: 2.0.22 - Dropbox, Inc.)
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version: - DVD Shrink)
DVD-CLONER V5.00 Build 959 (HKLM\...\DVD-CLONER V_is1) (Version: - )
Easy-WebPrint (HKLM\...\Easy-WebPrint) (Version: - )
e-tax 2011 (HKLM\...\{C078C299-C2C2-4110-A6EF-8D5E66C228DA}) (Version: 11.1.704 - ATO)
e-tax 2012 (HKLM\...\{B0F1B02F-47A6-411D-A38B-E44CC7F53CCC}) (Version: 6.0.577 - Australian Taxation Office)
e-tax 2013 (HKLM\...\{FFF14233-FE39-4671-A38E-76FD8F24A879}) (Version: 0.10.558 - Australian Taxation Office)
e-tax 2014 (HKLM\...\{42D5C0B2-A309-4F84-9BD7-5DDDFE6C09E1}) (Version: 2.10.788 - Australian Taxation Office)
ffdshow [rev 3154] [2009-12-09] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
FileMind QuickFix (HKLM\...\{92789900-80D0-4B61-B742-7897964A69AB}_is1) (Version: Build 4184 - Metability Software)
FileZilla Client 3.5.0 (HKLM\...\FileZilla Client) (Version: 3.5.0 - )
Final Draft 7 (HKLM\...\{78D62D17-D970-42DA-B8CF-5E5576293B33}) (Version: 7.1.1.19 - Final Draft, Inc.)
Free CBR Reader (HKLM\...\{B9240DAE-EFA1-4A0E-824F-17B3F99194F8}) (Version: 1.0.0 - Free Picture Solutions)
Free Convert Audio to iPhone iPod Music Converter 5.8 (HKLM\...\Free Convert Audio to iPhone iPod Music Converter_is1) (Version: - Xillvideo Software, Inc.)
Free M4a to MP3 Converter 8.0 (HKLM\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Free MKV Video2Dvd 3.30 (HKLM\...\Free MKV Video2Dvd 3.30_is1) (Version: - EffectMatrix, Inc.)
Freecorder 5 (HKLM\...\Freecorder5.11) (Version: 5.11 - Applian Technologies Inc.)
FullDPAppQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Google Chrome (HKU\S-1-5-21-1343024091-1326574676-725345543-1006\...\Google Chrome) (Version: 41.0.2272.89 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
GPL Ghostscript Lite 8.70 (HKLM\...\GPL Ghostscript Lite_is1) (Version: - )
HL-2130 (HKLM\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
HPProductAssistant (Version: 100.0.170.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 100.0.170.000 - Hewlett-Packard) Hidden
HTC BMP USB Driver (HKLM\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HyperSnap 6 (HKLM\...\HyperSnap 6) (Version: 5 - Hyperionics Technology LLC)
ImageMixer for HDD Camcorder (HKLM\...\{44E5B47F-870E-4E38-A458-8A5FC4DCFECF}) (Version: 3.01.001 - PIXELA)
Intel® Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4543 - )
InterVideo DeviceService (HKLM\...\{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}) (Version: 1.0.0 - InterVideo)
IRAS (HKLM\...\Remote Administration System_is1) (Version: - )
iTunes (HKLM\...\{29ED20C9-5E15-4969-9279-25BF3727A3DA}) (Version: 10.5.0.142 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java™ 6 Update 2 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160020}) (Version: 1.6.0.20 - Sun Microsystems, Inc.)
Java™ 6 Update 3 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160030}) (Version: 1.6.0.30 - Sun Microsystems, Inc.)
Java™ 6 Update 30 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216011FF}) (Version: 6.0.300 - Sun Microsystems, Inc.)
JavaFX 2.1.0 (HKLM\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Juice 2.2 (HKLM\...\Juice) (Version: 2.2 - Juice Team)
KhalSetup (Version: 3.0.101 - Logitech) Hidden
K-Lite Codec Pack 4.0.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 4.0.0 - )
LightScribe 1.4.124.1 (Version: 1.4.124.1 - http://www.lightscribe.com) Hidden
LiveReg (Symantec Corporation) (HKLM\...\LiveReg) (Version: 2.4.2.2295 - Symantec Corporation)
LiveUpdate 3.2 (Symantec Corporation) (HKLM\...\LiveUpdate) (Version: 3.2.0.41 - Symantec Corporation)
Logitech Desktop Messenger (HKLM\...\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}) (Version: 2.52.18 - Logitech, Inc.)
Logitech Harmony Remote Software 7 (HKLM\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.3.2.5 - Logitech)
Logitech SetPoint (HKLM\...\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}) (Version: 3.0 - Logitech)
Macromedia Dreamweaver 8 (HKLM\...\{0837A661-FEC3-48B3-876C-91E7D32048A9}) (Version: 8.0.0.2734 - Macromedia)
Macromedia Extension Manager (HKLM\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Macromedia Fireworks 8 (HKLM\...\{4C24A8C1-7CFA-4650-AF15-732F5BD7B46D}) (Version: 8.0.0.777 - Macromedia)
Macromedia Flash 8 (HKLM\...\{2BD5C305-1B27-4D41-B690-7A61172D2FEB}) (Version: 8.00.0000 - Macromedia)
Macromedia Flash 8 Video Encoder (HKLM\...\{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}) (Version: 1.00.0000 - Macromedia)
Macromedia Flash Player 8 (HKLM\...\{885A63EA-382B-4DD4-A755-14809B8557D6}) (Version: 8.0.22.0 - Macromedia)
Magic ISO Maker v5.4 (build 0239) (HKLM\...\Magic ISO Maker v5.4 (build 0239)) (Version: - )
Mavis Beacon Teaches Typing Platinum 20 (HKLM\...\{58F9D852-9443-4955-A1ED-12C9E0504DD0}) (Version: 20.00.0000 - Broderbund)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Hotfix (KB928366) (HKLM\...\M928366) (Version: - )
Microsoft .NET Framework 2.0 (HKLM\...\Microsoft .NET Framework 2.0) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.0 (HKLM\...\Microsoft .NET Framework 3.0) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 (x86) (HKLM\...\{A8BD5A60-E843-46DC-8271-ABF20756BE0F}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 (x86) (HKLM\...\{03CAB33F-D1C2-48C6-8766-DAE84DFC25FE}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WinUsb 2.0 (HKLM\...\winusb0200) (Version: - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 6.0 (HKLM\...\{067B277E-F94B-4F04-B380-BA967C00377C}_is1) (Version: - MiniTool Solution Ltd.)
MobileMe Control Panel (HKLM\...\{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}) (Version: 3.1.6.0 - Apple Inc.)
Motorola Driver Installation (HKLM\...\{3324A5DC-C7F6-430A-ACC8-F251CD8F4FC7}) (Version: 2.7.2 - Motorola Inc.)
Motorola Phone Tools (HKLM\...\{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}) (Version: 4.3.5a 10-03-2006 - Avanquest Software)
Motorola Phone Tools (Version: 4.30 - BVRP Software) Hidden
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 6 Service Pack 2 (KB954459) (HKLM\...\{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}) (Version: 6.20.1099.0 - Microsoft Corporation)
MYOB Accounting Plus v16 (HKLM\...\InstallShield_{F7655F04-CD42-439C-A47C-2673F0867B0A}) (Version: 16 - MYOB Technology Pty Ltd)
MYOB Accounting Plus v16 (Version: 16 - MYOB Technology Pty Ltd) Hidden
MYOB Accounting Plus v17 (HKLM\...\InstallShield_{89D94B11-4C0A-44E4-A8FA-A6F5BD107043}) (Version: 17.0.0 - MYOB Technology Pty Ltd)
MYOB Accounting Plus v17 (Version: 17.0.0 - MYOB Technology Pty Ltd) Hidden
MYOB Accounting Plus v18.5 (HKLM\...\InstallShield_{60D06F5E-876E-4D0C-B6EE-C1820D61A5B2}) (Version: 18.5.0 - MYOB Technology Pty Ltd)
MYOB Accounting Plus v18.5 (Version: 18.5.0 - MYOB Technology Pty Ltd) Hidden
MYOB ODBC Direct v7 (HKLM\...\InstallShield_{C71F2873-3229-4A9E-A2A2-F14DCBF63F56}) (Version: 7.0.0 - MYOB Technology Pty Ltd)
MYOB ODBC Direct v7 (Version: 7.0.0 - MYOB Technology Pty Ltd) Hidden
MYOB ODBC Direct v9 AUS (HKLM\...\InstallShield_{92FF8F7F-F7AF-4643-AD5E-550E7E243C34}) (Version: 9.0.0 - MYOB Technology Pty Ltd)
MYOB ODBC Direct v9 AUS (Version: 9.0.0 - MYOB Technology Pty Ltd) Hidden
Nero 8 (HKLM\...\{5FCCD531-1B38-4A94-924C-127F722F1033}) (Version: 8.2.89 - Nero AG)
NirSoft VideoCacheView (HKLM\...\NirSoft VideoCacheView) (Version: - )
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (Version: 3.8.48.0 - Nokia) Hidden
O&O Defrag Professional Edition (HKLM\...\{53480330-E1D1-41CA-B8F8-7F78644F7F50}) (Version: 10.0.1634 - O&O Software GmbH)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
PhotoNow! 1.0 (HKLM\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: - )
PIXresizer 1.0.9 (HKLM\...\PIXresizer_is1) (Version: - Bluefive software)
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.00.0000 - CyberLink Corp.)
PowerDirector (Version: 6.00.0000 - CyberLink Corp.) Hidden
PowerISO (HKLM\...\PowerISO) (Version: - )
PS3 Media Server (HKLM\...\PS3 Media Server) (Version: 1.54.0 - PS3 Media Server)
Qtrax 0.2beta (20080125) (HKLM\...\Qtrax 20080125) (Version: - )
QuarkXPress 7.2 (HKLM\...\{A38048C6-89D1-44EC-BC95-E95DD4A19B5E}) (Version: 7.20.0000 - Quark Inc.)
QuickTime (HKLM\...\{C9E14402-3631-4182-B377-6B0DFB1C0339}) (Version: 7.70.80.34 - Apple Inc.)
Real Alternative 2.0.2 (HKLM\...\RealAlt_is1) (Version: 2.0.2 - )
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 12.0) (Version: - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5506 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Remote Control USB Driver (HKLM\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Rhapsody Player Engine (HKLM\...\{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}) (Version: 1.0.604 - RealNetworks)
RIA-Media Viewer (HKLM\...\{275BBB82-18B7-4201-83C4-59ECF0C4C48F}) (Version: 1.4.3 - RIA-Media) <==== ATTENTION
RMVB Converter 1.8 (HKLM\...\{C3BDF1C8-66EF-4A0F-B427-A99E39706F45}_is1) (Version: - RMVB Codec)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Samsung PC Studio 3 (HKLM\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.2.80805 - Samsung Electronics Co., Ltd.)
Samsung PC Studio 3 (Version: 3.0.0.80805 - Samsung Electronics Co., Ltd.) Hidden
Samsung PC Studio 3 USB Driver Installer (HKLM\...\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}) (Version: 3.2.0.70701 - Samsung Electronics Co., Ltd.)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 10.0 - HP)
SketchUp 8 (HKLM\...\{8EB62C87-AAA6-4850-A5BC-64155884B973}) (Version: 3.0.16846 - Trimble Navigation Limited)
Skype Call Recorder (HKLM\...\{31FDDB24-D8FE-456A-8479-5E0526D5EAAF}) (Version: 0.7.2 - Alexander Nikiforov)
Skype™ 7.1 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
SmartSound Quicktracks Plugin (HKLM\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.3.0 - SmartSound Software Inc)
SmartSound Quicktracks Plugin (Version: 3.0.3.0 - SmartSound Software Inc) Hidden
Sony Vegas Movie Studio Platinum 8.0 (HKLM\...\{987B8E44-5E06-48A5-9745-46EB2B8A3CB0}) (Version: 8.0.122 - Sony)
SPCA1528 PC Driver (HKLM\...\{570C2A84-A145-4DF0-AE9D-012584DF09DC}) (Version: 2.2.2.0 - sunplus)
Spell Checker For OE 2.1 (HKLM\...\Spell Checker For OE 2.1) (Version: - )
StreamTransport version: 1.0.2.2171 (HKLM\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
SyncToy 2.0 (x86) (HKLM\...\{AFDFC350-C142-4790-BE12-8357AECD028F}) (Version: 2.0.100.0 - Microsoft)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.38846 - TeamViewer)
Telstra Online Text Buddy 1.0 (HKLM\...\{DC970EE0-4C92-4CDE-A323-0E2F1552C35E}) (Version: 1.0 - Telstra)
Telstra USB+Wi-Fi Hostless Modem (HKLM\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.2 - ZTE Corporation)
Toolbox (Version: 61.0.163.000 - Hewlett-Packard) Hidden
TubeHunter Ultra (HKLM\...\{366FCBA4-3AB9-4EF1-938E-E7054BEA2E22}) (Version: 1.7.2155 - Neoretix Laboratory)
TVersity Codec Pack 1.7 (HKLM\...\TVersity Codec Pack) (Version: 1.7 - TVersity Inc.)
TVersity Media Server 1.9.7 (HKLM\...\TVersity Media Server) (Version: 1.9.7 - TVersity)
Ulead DVD DiskRecorder 2.1.1 (HKLM\...\{31E1050B-F69F-4A16-8F5A-E44D31901250}) (Version: - Ulead Systems, Inc.)
Ulead DVD MovieFactory 6 (HKLM\...\InstallShield_{CCC4E428-411E-4605-B515-317D50ABD477}) (Version: 6.0.0 - InterVideo Digital Technology Corporation)
Ulead DVD MovieFactory 6 (Version: 6.0.0 - InterVideo Digital Technology Corporation) Hidden
Ulead MediaStudio Pro 8.0 (HKLM\...\{A6E71574-2126-4E95-816E-32B2411C94BA}) (Version: 8.0 - Ulead Systems, Inc.)
Ulead VideoStudio 11 (HKLM\...\InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}) (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation)
Unload (Version: 6.0.0 - Hewlett-Packard) Hidden
USB2.0 PC Camera (HKLM\...\{417D86A0-89FE-4308-B172-45B74DCE6F8F}) (Version: 1.0.0.7 - )
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
VideoStudio (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation) Hidden
Virgin Mobile (HKLM\...\Virgin Mobile) (Version: 13.001.08.00.261 - Huawei Technologies Co.,Ltd)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.6 (HKLM\...\VLC media player) (Version: 2.0.6 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.2.0.0 - Azureus Software, Inc.)
Vuze Remote Toolbar (HKLM\...\Vuze_Remote Toolbar) (Version: 6.9.0.16 - Vuze Remote) <==== ATTENTION
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Driver Package - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0) (HKLM\...\6194C28A8F62DD817EA1B918E6E46E806A21B452) (Version: 02/23/2007 2.5.0.0 - MobileTop)
Windows Driver Package - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0) (HKLM\...\65B6FE5418CE28F4D72543FB2D964C3CEC83F161) (Version: 02/23/2007 2.5.0.0 - MobileTop)
Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0036.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - )
Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
Xiph.Org Open Codecs 0.85.17777 (HKLM\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
XML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden
YTD Toolbar v6.2 (HKLM\...\{BCC315E7-2E8F-4EFD-8A0B-F8F276FE73F2}) (Version: 6.2 - Spigot, Inc.) <==== ATTENTION
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Documents and Settings\Work 2\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.21.135\psuser.dll (the data entry has 8 more characters).
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.21.99\psuser.dll (the data entry has 7 more characters).
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.21.57\psuser.dll (the data entry has 7 more characters).
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.25.5\psuser.dll N (the data entry has 6 more characters).
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.21.69\psuser.dll (the data entry has 7 more characters).
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.21.79\psuser.dll (the data entry has 7 more characters).
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.23.9\psuser.dll N (the data entry has 6 more characters).
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\Application\41.0.2272.89\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.21.145\psuser.dll (the data entry has 8 more characters).
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.21.123\psuser.dll (the data entry has 8 more characters).
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{66E8DCC7-97D2-4A89-8E08-D0610FF0878C}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Conduit\Community Alerts\Alert.dll (ClientConnect Ltd.)
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.21.153\psuser.dll (the data entry has 8 more characters).
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.24.15\psuser.dll (the data entry has 7 more characters).
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.21.149\psuser.dll (the data entry has 8 more characters).
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.22.3\psuser.dll N (the data entry has 6 more characters).
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.21.165\psuser.dll (the data entry has 8 more characters).
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Vuze_Remote\prxtbVuz2.dll (ClientConnect Ltd.)
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.21.115\psuser.dll (the data entry has 8 more characters).
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.25.11\psuser.dll (the data entry has 7 more characters).
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.21.65\psuser.dll (the data entry has 7 more characters).
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Vuze_Remote\prxtbVuz2.dll (ClientConnect Ltd.)
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{E69341A3-E6D2-4175-B60C-C9D3D6FA40F6}\localserver32 -> C:\Documents and Settings\Work 2\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.22.5\psuser.dll N (the data entry has 6 more characters).
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Work 2\Application Data\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Work 2\Application Data\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Work 2\Application Data\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Work 2\Application Data\Dropbox\bin\DropboxExt.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.21.111\psuser.dll (the data entry has 8 more characters).
CustomCLSID: HKU\S-1-5-21-1343024091-1326574676-725345543-1006_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\1.3.24.7\psuser.dll N (the data entry has 6 more characters).
==================== Restore Points =========================
09-03-2015 21:36:23 System Checkpoint
10-03-2015 21:56:40 System Checkpoint
11-03-2015 07:05:07 Removed Symantec pcAnywhere.
12-03-2015 07:51:27 System Checkpoint
13-03-2015 08:35:19 System Checkpoint
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2004-08-04 22:00 - 2015-03-08 12:57 - 00451115 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\WINDOWS\TEMP\{D5BE814F-CAC9-4701-ACAB-0D9DCE3CA0F0}.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Casper XP Scheduled Copy of Disk 1 to Disk 2.job => C:\Program Files\Future Systems Solutions\Casper XP\CasperXP.EXE
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-1326574676-725345543-1006Core.job => C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-1326574676-725345543-1006UA.job => C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1343024091-1326574676-725345543-1006.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1343024091-1326574676-725345543-1006.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\WGASetup.job => C:\WINDOWS\system32\KB905474\wgasetup.exe
==================== Loaded Modules (whitelisted) ==============
2012-12-16 12:01 - 2005-03-28 19:13 - 00077824 _____ () C:\WINDOWS\system32\csdlocalmon.dll
2007-06-05 17:17 - 2007-06-05 17:17 - 00520192 _____ () C:\Program Files\Lavasoft\Ad-Aware 2007\Update.dll
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2007-07-27 22:00 - 2008-04-14 05:41 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2007-07-27 22:00 - 2008-04-14 05:42 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2007-07-27 22:00 - 2008-04-14 05:42 - 00386048 _____ () C:\WINDOWS\system32\qdvd.dll
2007-07-27 22:00 - 2008-04-14 05:42 - 01288192 _____ () C:\WINDOWS\system32\quartz.dll
2007-07-27 22:00 - 2008-04-14 05:42 - 00192512 _____ () C:\WINDOWS\system32\qcap.dll
2007-09-18 11:23 - 2007-05-19 13:49 - 00272024 _____ () C:\Program Files\Cyberlink\Shared files\RichVideo.exe
2011-07-30 05:31 - 2011-07-30 05:31 - 01249064 _____ () C:\Program Files\TVersity\Media Server\MediaServer.exe
2011-07-14 04:36 - 2011-07-14 04:36 - 00347944 _____ () C:\Program Files\TVersity\Media Server\taglib.dll
2011-07-14 04:36 - 2011-07-14 04:36 - 00225064 _____ () C:\Program Files\TVersity\Media Server\CORE_RL_lcms_.dll
2011-07-14 04:36 - 2011-07-14 04:36 - 00031528 _____ () C:\Program Files\TVersity\Media Server\CORE_RL_xlib_.dll
2011-07-14 04:36 - 2011-07-14 04:36 - 00716584 _____ () C:\Program Files\TVersity\Media Server\log4cxx.dll
2011-07-14 04:35 - 2011-07-14 04:35 - 04534072 _____ () C:\Program Files\TVersity\Media Server\avcodec-52.dll
2011-07-14 04:36 - 2011-07-14 04:36 - 00083768 _____ () C:\Program Files\TVersity\Media Server\avutil-50.dll
2011-07-14 04:36 - 2011-07-14 04:36 - 00313640 _____ () C:\Program Files\TVersity\Media Server\libmp3lame-0.dll
2011-07-14 04:36 - 2011-07-14 04:36 - 00795448 _____ () C:\Program Files\TVersity\Media Server\avformat-52.dll
2011-07-14 04:35 - 2011-07-14 04:35 - 00203064 _____ () C:\Program Files\TVersity\Media Server\swscale-0.dll
2011-07-14 04:36 - 2011-07-14 04:36 - 00509720 _____ () C:\Program Files\TVersity\Media Server\sqlite3.dll
2007-07-27 22:00 - 2008-04-14 05:42 - 01288192 _____ () C:\WINDOWS\system32\QUARTZ.dll
2011-05-23 03:21 - 2011-05-23 03:21 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2007-08-08 11:21 - 2006-12-03 14:53 - 00126464 _____ () C:\Program Files\WinRAR\rarext.dll
2015-03-06 17:28 - 2015-03-06 17:28 - 00159768 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\loggingserver.exe
2015-03-06 17:28 - 2015-03-06 17:28 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\log4cplusU.dll
2009-10-27 13:27 - 2007-12-11 15:36 - 00245760 _____ () C:\WINDOWS\system32\WlanApp.dll
2012-10-29 19:45 - 2015-03-06 17:28 - 02503704 _____ () C:\Program Files\AVG Secure Search\vprot.exe
2015-01-25 10:35 - 2012-09-21 00:16 - 00442696 _____ () C:\Program Files\Hostless Modem\Telstra USB+Wi-Fi\CheckNDISPort_df.exe
2006-10-26 21:30 - 2006-10-26 21:30 - 00065312 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2006-10-27 15:35 - 2006-10-27 15:35 - 00436512 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2006-10-26 13:56 - 2006-10-26 13:56 - 00757008 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2015-03-13 11:24 - 2015-03-07 16:13 - 09279304 _____ () C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\Application\41.0.2272.89\pdf.dll
2014-04-26 08:25 - 2014-02-10 12:44 - 04592128 _____ () C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-26 08:25 - 2014-02-10 12:44 - 00112128 _____ () C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2015-03-13 11:24 - 2015-03-07 16:13 - 14974280 _____ () C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Chrome\Application\41.0.2272.89\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:B946D9EE
AlternateDataStreams: C:\Documents and Settings\Work 2\Desktop\tdsskiller.exe:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aawservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1343024091-1326574676-725345543-1006\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Work 2\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
HKU\S-1-5-21-1343024091-1326574676-725345543-1008\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Bliss.bmp
HKU\S-1-5-21-1343024091-1326574676-725345543-500\Control Panel\Desktop\\Wallpaper -> (None)
DNS Servers: 192.168.0.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Photosmart Premier Fast Start.lnk => C:\WINDOWS\pss\HP Photosmart Premier Fast Start.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ImageMixer for HDD Camcorder.lnk => C:\WINDOWS\pss\ImageMixer for HDD Camcorder.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^Work 2^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\WINDOWS\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: dskl => C:\DS\dskl.exe
MSCONFIG\startupreg: Easy-PrintToolBox => C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
MSCONFIG\startupreg: Freecorder FLV Service => "C:\Program Files\Freecorder\FLVSrvc.exe" /run
MSCONFIG\startupreg: Google Update => "C:\Documents and Settings\Work 2\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Logitech Hardware Abstraction Layer => "C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE"
MSCONFIG\startupreg: MSMSGS => "C:\Program Files\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: NBKeyScan => "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
MSCONFIG\startupreg: nod32kui => "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
MSCONFIG\startupreg: OnlineTextBuddy => "C:\Program Files\Telstra\OnlineTextBuddy\OnlineTextBuddy.exe" /quiet
MSCONFIG\startupreg: OODefragTray => C:\WINDOWS\system32\oodtray.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SearchSettings => "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: SkyTel => SkyTel.EXE
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\real\realplayer\update\realsched.exe" -osboot
MSCONFIG\startupreg: UpdateReminder => C:\Program Files\Eset\UpdateReminder.exe
MSCONFIG\startupreg: UVS11 Preload => C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
==================== Accounts: =============================
Administrator (S-1-5-21-1343024091-1326574676-725345543-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-1343024091-1326574676-725345543-1005 - Limited - Enabled)
Guest (S-1-5-21-1343024091-1326574676-725345543-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-1343024091-1326574676-725345543-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-1343024091-1326574676-725345543-1002 - Limited - Disabled)
User2 (S-1-5-21-1343024091-1326574676-725345543-1008 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\User2
Work 2 (S-1-5-21-1343024091-1326574676-725345543-1006 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Work 2
==================== Faulty Device Manager Devices =============
Name: Logitech PS/2 Keyboard
Description: Logitech PS/2 Keyboard
Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Manufacturer: Logitech
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/14/2015 08:43:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 41.0.2272.89, faulting module , version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [chrome.exe!ws!]
Error: (03/14/2015 08:42:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application chrome.exe, version 41.0.2272.89, faulting module , version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [chrome.exe!ws!]
Error: (03/14/2015 08:38:09 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....authrootseq.txt> with error: This network connection does not exist.
Error: (03/14/2015 08:38:09 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....authrootseq.txt> with error: This network connection does not exist.
Error: (03/14/2015 08:38:03 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....authrootseq.txt> with error: This network connection does not exist.
Error: (03/14/2015 08:38:03 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....authrootseq.txt> with error: This network connection does not exist.
Error: (03/14/2015 08:37:58 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....authrootseq.txt> with error: This network connection does not exist.
Error: (03/14/2015 08:37:58 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....authrootseq.txt> with error: The server name or address could not be resolved
Error: (03/14/2015 08:35:48 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....authrootseq.txt> with error: This network connection does not exist.
Error: (03/14/2015 08:35:48 AM) (Source: crypt32) (EventID: 8) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download....authrootseq.txt> with error: This network connection does not exist.
System errors:
=============
Error: (03/14/2015 08:41:16 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.
Error: (03/14/2015 08:39:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SPCA1528 Video Camera Service service failed to start due to the following error:
%%2
Error: (03/14/2015 08:39:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVG WatchDog service failed to start due to the following error:
%%1053
Error: (03/14/2015 08:39:52 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the AVG WatchDog service to connect.
Error: (03/14/2015 08:39:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVGIDSAgent service failed to start due to the following error:
%%1053
Error: (03/14/2015 08:39:52 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the AVGIDSAgent service to connect.
Error: (03/14/2015 08:39:46 AM) (Source: WMPNetworkSvc) (EventID: 14325) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because QueryService encountered error '0x80004002'. In Windows Media Player, turn off media sharing, and then turn it back on.
Error: (03/14/2015 08:38:24 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Error: (03/14/2015 08:33:48 AM) (Source: DCOM) (EventID: 10005) (User: COMPUTER)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error: (03/14/2015 08:32:41 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFD
Avgdiskx
AVGIDSDriverl
AVGIDSShim
Avgldx86
Avgtdix
Fips
i8042prt
intelppm
IPSec
MRxSmb
NetBIOS
NetBT
RasAcd
Rdbss
SCDEmu
StarOpen
Tcpip
WS2IFSL
Microsoft Office Sessions:
=========================
Error: (12/15/2014 05:45:07 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 805 seconds with 240 seconds of active time. This session ended with a crash.
Error: (09/22/2014 06:46:04 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2679 seconds with 300 seconds of active time. This session ended with a crash.
Error: (08/11/2014 07:34:18 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3750 seconds with 600 seconds of active time. This session ended with a crash.
Error: (01/31/2014 03:20:05 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 6344 seconds with 1560 seconds of active time. This session ended with a crash.
Error: (10/30/2013 07:36:01 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1401 seconds with 360 seconds of active time. This session ended with a crash.
Error: (10/03/2013 08:42:54 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 711 seconds with 240 seconds of active time. This session ended with a crash.
Error: (09/11/2013 02:18:14 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash.
Error: (06/22/2013 03:20:16 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 18698 seconds with 2400 seconds of active time. This session ended with a crash.
Error: (06/19/2013 09:13:26 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 19942 seconds with 2100 seconds of active time. This session ended with a crash.
Error: (05/21/2013 10:04:09 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1611 seconds with 780 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Processor: Intel® Core™2 Duo CPU E6750 @ 2.66GHz
Percentage of memory in use: 90%
Total physical RAM: 2039.07 MB
Available physical RAM: 194.04 MB
Total Pagefile: 4970.38 MB
Available Pagefile: 2963.71 MB
Total Virtual: 2047.88 MB
Available Virtual: 1920.76 MB
==================== Drives ================================
Drive c: (Main) (Fixed) (Total:931.51 GB) (Free:2.99 GB) NTFS ==>[Drive with boot components (Windows XP)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: C8188012)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Sign In
Create Account
