Recently I have been having problems with bluescreens occurring randomly. I think it may be because a forum I often browse is known to be running on a server infected with malware (supposed to redirect your browser to some inappropriate websites, although I run noscript on firefox, so the redirect is stopped). The forum admins insist that it is safe to browse, especially with noscript running on firefox, and whenever I have run malwarebytes since their server has been infected, nothing has been detected.
However, I still get these random bluescreens, and I also suspect that when Antivir tries to update, no updates are ever downloaded.
Thanks for your help in advance.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-04-2015 04
Ran by kir (administrator) on PC on 17-04-2015 01:24:01
Running from C:\Users\kir\Desktop
Loaded Profiles: kir (Available profiles: kir)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IBM Corp.) C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\Windows\System32\CTSVCCDA.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\PDF Professional 5\PDFProFiltSrv.exe
(Absolute Software Corp.) C:\Windows\System32\rpcnet.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SigmaTel, Inc.) C:\Windows\sttray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(IBM Corp.) C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
() C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\saUI.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [174872 2007-02-12] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [815104 2006-11-17] (Synaptics, Inc.)
HKLM\...\Run: [Camera Assistant Software] => C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [638976 2007-04-03] (Chicony)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [56080 2007-04-11] (Logitech Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Windows\sttray.exe [303104 2007-01-30] (SigmaTel, Inc.)
HKLM\...\Run: [AdobeCS4ServiceManager] => C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-01] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2007-10-14] (Hewlett-Packard)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [Launcher] => C:\Windows\SMINST\launcher.exe [40072 2007-05-04] (soft thinks)
HKLM\...\Command Processor: <======= ATTENTION
HKU\S-1-5-21-3409986712-3818737891-1182124187-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-3409986712-3818737891-1182124187-1000\...\Run: [] => [X]
HKU\S-1-5-21-3409986712-3818737891-1182124187-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3409986712-3818737891-1182124187-1000\...\RunOnce: [Adobe Speed Launcher] => 1429228666
HKU\S-1-5-21-3409986712-3818737891-1182124187-1000\...\MountPoints2: {aa505fb2-82b7-11df-b7dd-00197edfd759} - F:\Startme.exe
HKU\S-1-5-21-3409986712-3818737891-1182124187-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-3409986712-3818737891-1182124187-1000\...409d6c4515e9\InprocServer32: [Default-shell32] <==== ATTENTION!
HKU\S-1-5-21-3409986712-3818737891-1182124187-1000\...\InprocServer32: [Default-pngfilt] <==== ATTENTION!
HKU\S-1-5-21-3409986712-3818737891-1182124187-1000\...A8F59079A8D5}\localserver32: <==== ATTENTION!
Startup: C:\Users\kir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3409986712-3818737891-1182124187-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.google...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.google...q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.gateway.c...s=PTB&M=M-6821b
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-3409986712-3818737891-1182124187-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3409986712-3818737891-1182124187-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
URLSearchHook: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM -> {B832163C-FC7D-4766-916D-D0727C113D57} URL = http://www.google.co...age={startPage}
SearchScopes: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000 -> {105D2601-A980-4C49-B0BF-B1E2B030E357} URL = https://uk.search.ya...p={searchTerms}
SearchScopes: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000 -> {B832163C-FC7D-4766-916D-D0727C113D57} URL = http://www.google.co...age={startPage}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-12-15] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02] (Google Inc.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
BHO: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> C:\Program Files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll [2008-02-20] (Zeon Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-15] (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
Toolbar: HKLM - Nuance PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files\Nuance\PDF Professional 5\bin\ZeonIEFavClient.dll [2008-02-20] (Zeon Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab
DPF: {142DC14B-63E4-453E-8B4B-AE36A52BF049} http://appdown.naver.../NLiveCastX.cab
DPF: {15B782AF-55D8-11D1-B477-006097098764} http://ac100web.lse....ull/awswaxf.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...ro.cab56649.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...tel_4.5.3.0.cab
DPF: {D821DC4A-0814-435E-9820-661C543A4679} http://drmlicense.on...e/en/crlocx.ocx
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
DPF: {FE9CE737-7BA6-451D-A4E0-EB4599D46FD6} http://www.melon.com...eXInstaller.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2001-06-20] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2015-01-28] (McAfee, Inc.)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\kir\AppData\Roaming\Mozilla\Firefox\Profiles\uqbwghbl.default
FF SearchEngineOrder.1: Secure Search
FF SelectedSearchEngine: Secure Search
FF Homepage: https://www.google.c...p_VGOOU0AWlooFA
FF Keyword.URL: https://uk.search.ya...370D20140714&p=
FF NetworkProxy: "no_proxies_on", "localhost,127.0.0.1"
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Content Uploader\npUpload.dll [2007-09-28] (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-15] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-05-16] ( )
FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files\Sony\Media Go\npmediago.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3409986712-3818737891-1182124187-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\kir\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2011-03-02] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3409986712-3818737891-1182124187-1000: electronicarts.com/GameFacePlugin -> C:\Users\kir\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll [2010-12-13] (Electronic Arts)
FF Plugin HKU\S-1-5-21-3409986712-3818737891-1182124187-1000: sony.com/MediaGoDetector -> C:\Program Files\Sony\Media Go\npMediaGoDetector.dll [2014-07-10] (Sony Network Entertainment International LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2008-09-19] (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-27] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-03-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-03-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-03-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-03-05] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-03-05] (Apple Inc.)
FF SearchPlugin: C:\Users\kir\AppData\Roaming\Mozilla\Firefox\Profiles\uqbwghbl.default\searchplugins\siteadvisor.xml [2007-12-21]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-01-21]
FF Extension: Segurança do navegador Avira - C:\Users\kir\AppData\Roaming\Mozilla\Firefox\Profiles\uqbwghbl.default\Extensions\[email protected] [2015-04-01]
FF Extension: Chromifox Basic - C:\Users\kir\AppData\Roaming\Mozilla\Firefox\Profiles\uqbwghbl.default\Extensions\[email protected] [2010-03-10]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\kir\AppData\Roaming\Mozilla\Firefox\Profiles\uqbwghbl.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-06-08]
FF Extension: FoxyTunes - C:\Users\kir\AppData\Roaming\Mozilla\Firefox\Profiles\uqbwghbl.default\Extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374} [2012-03-24]
FF Extension: EPUBReader - C:\Users\kir\AppData\Roaming\Mozilla\Firefox\Profiles\uqbwghbl.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2015-03-20]
FF Extension: Full Flat - C:\Users\kir\AppData\Roaming\Mozilla\Firefox\Profiles\uqbwghbl.default\Extensions\{6E1A2A2E-AE2A-4A26-A812-46F54288379E} [2010-01-30]
FF Extension: QuickRestart - C:\Users\kir\AppData\Roaming\Mozilla\Firefox\Profiles\uqbwghbl.default\Extensions\{F645A8C9-E969-42D9-B3F3-F325537222FD} [2010-01-30]
FF Extension: NoScript - C:\Users\kir\AppData\Roaming\Mozilla\Firefox\Profiles\uqbwghbl.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-04-01]
FF Extension: Adblock Plus - C:\Users\kir\AppData\Roaming\Mozilla\Firefox\Profiles\uqbwghbl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-03-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-04-05]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-04-05]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-01]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor [2008-07-27]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-04-05]
Chrome:
=======
CHR DefaultSearchKeyword: Default -> google.co.uk
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\kir\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\kir\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-08]
CHR Extension: (Google Docs) - C:\Users\kir\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-08]
CHR Extension: (Google Drive) - C:\Users\kir\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-08]
CHR Extension: (YouTube) - C:\Users\kir\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-08]
CHR Extension: (Google Search) - C:\Users\kir\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-08]
CHR Extension: (Google Sheets) - C:\Users\kir\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-08]
CHR Extension: (SiteAdvisor) - C:\Users\kir\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-01-08]
CHR Extension: (Avira Browser Safety) - C:\Users\kir\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-01-08]
CHR Extension: (Bookmark Manager) - C:\Users\kir\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-03-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\kir\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-16]
CHR Extension: (Google Wallet) - C:\Users\kir\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-08]
CHR Extension: (Gmail) - C:\Users\kir\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-08]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx [2011-02-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.goo...ice/update2/crx
CHR HKLM\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files\Sony\Media Go\MediaGoDetector.crx" [Not Found]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [815352 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [434424 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-01] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1004032 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
R2 Creative Service for CDROM Access; C:\Windows\system32\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [132160 2015-02-19] (McAfee, Inc.)
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PDFProFiltSrv; C:\Program Files\Nuance\PDF Professional 5\PDFProFiltSrv.exe [144672 2008-02-27] (Nuance Communications, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RapportMgmtService; C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe [1943832 2015-03-11] (IBM Corp.)
R2 rpcnet; C:\Windows\system32\rpcnet.exe [69792 2014-06-04] (Absolute Software Corp.)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ac97intc; C:\Windows\System32\drivers\ac97intc.sys [108032 2006-11-02] (Intel Corporation)
S3 AF05BDA; C:\Windows\System32\drivers\AF05BDA.sys [117376 2007-09-18] (AfaTech )
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105864 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-25] (Avira Operations GmbH & Co. KG)
R1 BUFADPT; C:\Windows\system32\BUFADPT.SYS [11008 2007-01-11] (BUFFALO INC.) [File not signed]
R2 IntelHaxm; C:\Windows\System32\DRIVERS\IntelHaxm.sys [78848 2014-11-18] (Intel Corporation)
S3 k750bus; C:\Windows\System32\DRIVERS\k750bus.sys [55216 2005-02-11] (MCCI)
S3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28688 2007-04-11] (Logitech, Inc.)
S3 NETw2v32; C:\Windows\System32\DRIVERS\NETw2v32.sys [2589184 2006-11-02] (Intel® Corporation)
R1 RapportBuka; C:\Windows\system32\drivers\RapportBuka.sys [390528 2010-02-27] (Trusteer Ltd.) [File not signed]
R1 RapportCerberus_80128; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_80128.sys [472152 2015-02-24] (IBM Corp.)
R1 RapportEI; C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys [251640 2015-03-11] (IBM Corp.)
S3 RapportKELL; C:\Windows\System32\Drivers\RapportKELL.sys [208856 2015-03-11] (IBM Corp.)
S3 RapportPG; C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys [332696 2015-03-11] (IBM Corp.)
S3 s116bus; C:\Windows\System32\DRIVERS\s116bus.sys [83336 2007-04-03] (MCCI Corporation)
S3 s116mdfl; C:\Windows\System32\DRIVERS\s116mdfl.sys [15112 2007-04-03] (MCCI Corporation)
S3 s116mdm; C:\Windows\System32\DRIVERS\s116mdm.sys [108680 2007-04-03] (MCCI Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R3 STHDA; C:\Windows\System32\drivers\stwrt.sys [650240 2007-01-30] (SigmaTel, Inc.)
S3 tapvpn; C:\Windows\System32\DRIVERS\tapvpn.sys [27136 2008-01-23] (The OpenVPN Project) [File not signed]
S3 u2kg54l; C:\Windows\System32\DRIVERS\u2kg54l.sys [863288 2007-04-02] (Atheros Communications, Inc.)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]
R3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [11776 2007-04-14] (Chicony Electronics Co., Ltd.)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\kir\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-17 01:24 - 2015-04-17 01:25 - 00029330 _____ () C:\Users\kir\Desktop\FRST.txt
2015-04-17 01:22 - 2015-04-17 01:23 - 01137152 _____ (Farbar) C:\Users\kir\Desktop\FRST.exe
2015-04-17 00:51 - 2015-04-17 00:57 - 00009634 _____ () C:\Windows\WindowsUpdate.log
2015-04-17 00:49 - 2015-04-17 00:49 - 00000310 _____ () C:\Windows\PFRO.log
2015-04-16 17:44 - 2015-04-16 17:44 - 00345034 _____ () C:\Users\kir\Desktop\my_fake_wedding_red_dress_ink_numbered_paperback__.epub
2015-04-09 14:33 - 2015-04-09 14:33 - 00625459 _____ () C:\Users\kir\Desktop\bed_of_roses_daisy_waugh_.epub
2015-04-07 19:25 - 2015-04-07 19:25 - 00490070 _____ () C:\Users\kir\Desktop\the_precious_one_de_los_santos_marisa.epub
2015-04-07 19:24 - 2015-04-07 19:24 - 00275269 _____ () C:\Users\kir\Desktop\silver_wedding_binchy_maeve.epub
2015-04-07 19:22 - 2015-04-07 19:22 - 00419998 _____ () C:\Users\kir\Desktop\tara_road_binchy_maeve.epub
2015-04-07 19:21 - 2015-04-07 19:21 - 00495294 _____ () C:\Users\kir\Desktop\what_a_girl_wants_kelk_lindsey.epub
2015-04-05 17:31 - 2015-04-05 17:31 - 00000000 ____D () C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-17 01:24 - 2014-06-02 03:01 - 00000000 ____D () C:\FRST
2015-04-17 01:22 - 2011-04-26 13:13 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-17 01:21 - 2006-11-02 13:47 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-17 01:21 - 2006-11-02 13:47 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-17 00:57 - 2011-04-26 13:13 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-17 00:52 - 2007-03-20 00:01 - 00017408 _____ () C:\Windows\system32\rpcnetp.exe
2015-04-17 00:49 - 2014-05-16 13:42 - 00017408 _____ () C:\Windows\system32\rpcnetp.dll
2015-04-17 00:49 - 2007-03-20 00:07 - 00069792 _____ (Absolute Software Corp.) C:\Windows\system32\rpcnet.dll
2015-04-17 00:49 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-17 00:48 - 2014-06-02 03:09 - 00000000 ____D () C:\AdwCleaner
2015-04-17 00:36 - 2008-06-12 15:40 - 00000000 ____D () C:\Windows\Minidump
2015-04-16 06:13 - 2007-06-29 18:52 - 00007460 _____ () C:\Windows\bthservsdp.dat
2015-04-16 06:13 - 2006-11-02 14:01 - 00032552 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-15 18:13 - 2012-04-11 09:45 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-15 18:13 - 2011-06-21 17:25 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-14 22:18 - 2011-11-28 21:41 - 00000000 ____D () C:\Users\kir\Documents\Lib Stuff
2015-04-14 18:29 - 2013-09-18 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2015-04-09 14:38 - 2014-09-12 16:15 - 00000000 ____D () C:\Users\kir\Desktop\New Folder
2015-04-09 14:26 - 2014-12-28 19:12 - 00000000 ____D () C:\Users\kir\Desktop\New Folder (2)
2015-04-08 14:48 - 2015-02-09 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-08 14:48 - 2014-08-07 15:35 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-08 14:47 - 2012-10-17 00:44 - 00000000 ____D () C:\Program Files\Avira
2015-04-05 21:16 - 2012-04-26 01:08 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-05 16:42 - 2014-07-08 16:45 - 00000080 _____ () C:\Users\kir\Desktop\gn.txt
2015-04-04 23:01 - 2015-02-23 19:52 - 00000000 ____D () C:\Users\kir\Desktop\m
2015-04-03 16:39 - 2015-01-08 18:55 - 00001971 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-01 15:05 - 2012-10-17 00:50 - 00000000 ____D () C:\Users\kir\AppData\Roaming\Avira
2015-04-01 15:03 - 2012-10-17 00:44 - 00000000 ____D () C:\ProgramData\Avira
2015-03-26 19:31 - 2007-09-22 16:16 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-26 01:02 - 2014-12-02 23:17 - 00000453 _____ () C:\Users\kir\Desktop\RenewDates.txt
2015-03-24 20:02 - 2014-04-16 16:36 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
==================== Files in the root of some directories =======
2011-08-30 19:17 - 2011-08-30 19:17 - 0000268 ___RH () C:\Users\kir\AppData\Roaming\Trumpet Section
2011-08-30 19:18 - 2011-08-30 19:18 - 0000268 ___RH () C:\Users\kir\AppData\Roaming\Tuner
2011-08-30 19:18 - 2011-08-30 19:18 - 0000268 ___RH () C:\Users\kir\AppData\Roaming\URLs
2007-09-05 17:47 - 2009-09-09 18:03 - 0000412 _____ () C:\Users\kir\AppData\Roaming\wklnhst.dat
2009-01-10 19:46 - 2013-07-29 18:28 - 0006648 _____ () C:\Users\kir\AppData\Local\d3d9caps.dat
2007-09-05 17:43 - 2013-02-01 17:08 - 0079872 _____ () C:\Users\kir\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-10-07 20:39 - 2009-05-05 21:48 - 0000600 _____ () C:\Users\kir\AppData\Local\PUTTY.RND
2012-02-03 07:07 - 2012-02-03 07:07 - 0003774 _____ () C:\ProgramData\114la.ico
2007-12-02 18:51 - 2013-05-22 20:51 - 0002137 _____ () C:\ProgramData\hpzinstall.log
2011-08-30 19:18 - 2011-08-30 19:18 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2011-08-30 19:17 - 2011-08-30 19:17 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2011-08-30 19:18 - 2011-08-30 19:18 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2011-08-30 19:17 - 2011-08-30 19:17 - 0000268 ___RH () C:\ProgramData\User Pictures
2011-08-30 19:18 - 2011-08-30 19:18 - 0000268 ___RH () C:\ProgramData\Utilities
2011-08-30 19:18 - 2011-08-30 19:18 - 0000268 ___RH () C:\ProgramData\Vocal Transformer
Files to move or delete:
====================
C:\Windows\Tasks\{0CB00D08-A61A-4182-96EC-B43D9BB2AC7A}.job
C:\Windows\Tasks\{86B3E4E6-B77B-4110-A9D8-BCFC436CCC79}.job
C:\Windows\Tasks\{F800DEF9-BE9B-4A49-B488-98FD495915BB}.job
Some content of TEMP:
====================
C:\Users\kir\AppData\Local\Temp\avgnt.exe
C:\Users\kir\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-17 00:58
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-04-2015 04
Ran by kir at 2015-04-17 01:26:12
Running from C:\Users\kir\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.5.0.600 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe InDesign CS4 (HKLM\...\Adobe_1710d324011afc3e7658e969025f4ba) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version: - Agere Systems)
AIO_Scan (Version: 100.0.206.000 - Hewlett-Packard) Hidden
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Auslogics Disk Defrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: version 3.1 - Auslogics Software Pty Ltd)
Avira (HKLM\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. KG)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Browser Address Error Redirector (HKLM\...\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version: - )
BufferChm (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
C4380_Help (Version: 90.0.189.000 - Hewlett-Packard) Hidden
C5200 (Version: 100.0.206.000 - Hewlett-Packard) Hidden
C5200_Help (Version: 100.0.206.000 - Hewlett-Packard) Hidden
Camera Assistant Software for Gateway (HKLM\...\{39098402-3F7A-4257-A4AE-FC1181D1B40B}) (Version: 1.7.022.0430 - Chicony Electronics Co.,Ltd.)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: - )
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.)
Canon MG4200 series On-screen Manual (HKLM\...\Canon MG4200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon MG4200 series User Registration (HKLM\...\Canon MG4200 series User Registration) (Version: - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
Cards_Calendar_OrderGift_DoMorePlugout (Version: 1.00.0000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Chinese Simplified Fonts Support For Adobe Reader X (HKLM\...\{AC76BA86-7AD7-2447-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)
Chinese Traditional Fonts Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-2448-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated)
Connect (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Copy (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Creative Removable Disk Manager (HKLM\...\Creative Removable Disk Manager) (Version: - )
Creative System Information (HKLM\...\SysInfo) (Version: - )
Crystal Ball (HKLM\...\{2967D5BC-740B-4422-B019-5560DA932F15}) (Version: 11.1.63.0 - Crystal Ball)
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Destination Component (Version: 100.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 100.0.190.000 - Hewlett-Packard) Hidden
Dia (remove only) (HKLM\...\Dia) (Version: - )
DocProc (Version: 10.0.0.0 - Hewlett-Packard) Hidden
EA SPORTS Gameface Browser Plugin 1.3.1.0 (HKU\S-1-5-21-3409986712-3818737891-1182124187-1000\...\EA SPORTS Gameface Browser Plugin) (Version: 1.3.1.0 - Electronic Arts)
Far Cry (Patch 1.4) (Version: 1.00.0000 - Ubisoft) Hidden
Fax (Version: 100.0.187.000 - Hewlett-Packard) Hidden
GanttProject (HKLM\...\GanttProject) (Version: - )
GanttProject 2.0.9 (HKU\S-1-5-21-3409986712-3818737891-1182124187-1000\...\GanttProject 2.0.9) (Version: - GanttProject Team)
Gateway Recovery Center Installer (HKLM\...\{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718}) (Version: 1.01.027 - Gateway)
Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService (Version: 100.0.187.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
HP Photosmart All-In-One Driver Software 10.0 Rel .2 (HKLM\...\{20B30DC1-E423-4939-B51D-05C58B0F9BBB}) (Version: 10.0 - HP)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Solution Center 10.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 10.0 - HP)
HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPPhotoSmartDiscLabel_PaperLabel (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (Version: 2.02.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookWebPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 100.0.170.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - )
Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
iPhone Configuration Utility (HKLM\...\{FA54AFB1-5745-4389-B8C1-9F7509672ED1}) (Version: 2.1.0.163 - Apple Inc.)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 8 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0180000}) (Version: 8.0.0 - Oracle Corporation)
K-Lite Mega Codec Pack 10.0.5 (HKLM\...\KLiteCodecPack_is1) (Version: 10.0.5 - )
Kotor Tool (HKLM\...\Kotor Tool) (Version: - )
kuler (Version: 2.0 - Adobe Systems Incorporated) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Maple 11 (HKLM\...\Maple 11) (Version: 11.0.0.0 - Maplesoft)
MarketResearch (Version: 100.0.170.000 - Hewlett-Packard) Hidden
McAfee SiteAdvisor (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.194 - McAfee, Inc.)
Media Go (HKLM\...\{AF06B8FA-B916-4001-AE51-6645488DEF09}) (Version: 2.8.303 - Sony)
Media Go Network Downloader (HKLM\...\{5562F05F-908C-4F15-9B3C-98D5FD32DCAB}) (Version: 1.5.19.0 - Sony)
Media Go Video Playback Engine 2.12.106.06300 (HKLM\...\{073B10F3-AD7B-4083-FDE4-EF552EA7362D}) (Version: 2.12.106.06300 - Sony)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Automated Troubleshooting Services Shim (HKLM\...\{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb) (Version: - )
Microsoft Fix it Center (HKLM\...\{B7588D45-AFDC-4C93-9E2E-A100F3554B64}) (Version: 1.0.0080 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Ultimate 2007 (HKLM\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}) (Version: 3.1.6.0 - Apple Inc.)
Moto Contacts Tool (HKLM\...\{018C7ADA-ED29-413F-BE57-2200A0FEFC06}) (Version: 1.00.0007 - Motorola)
Move Networks Media Player for Internet Explorer (HKU\S-1-5-21-3409986712-3818737891-1182124187-1000\...\Move Networks Player - IE) (Version: - )
Mozilla Firefox 37.0.1 (x86 en-GB) (HKLM\...\Mozilla Firefox 37.0.1 (x86 en-GB)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Server 4.1 (HKLM\...\{FF2705ED-8734-417D-A854-4EA3F679CCC5}) (Version: 4.1.22 - MySQL AB)
Network Play System (Patching) (HKLM\...\Network Play System (Patching)) (Version: - )
Nokia Connectivity Cable Driver (HKLM\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.4.49.0 - Nokia)
Nokia Suite (Version: 3.4.49.0 - Nokia) Hidden
Nuance PDF Professional 5 (HKLM\...\{20ECF3EE-4F7B-40ED-98E7-8CA63FC69F14}) (Version: 5.00.3233 - Nuance Communications, Inc)
OCR Software by I.R.I.S. 10.0 (HKLM\...\HPOCR) (Version: 10.0 - HP)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PanoStandAlone (Version: 100.0.170.000 - Hewlett-Packard) Hidden
PC Connectivity Solution (HKLM\...\{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}) (Version: 12.0.17.0 - Nokia)
PDF Settings CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (Version: 5.0 - Adobe Systems Incorporated) Hidden
PlayStation®Network Downloader (HKLM\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.03.00126 - Sony Computer Entertainment Inc.)
PlayStation®Store (HKLM\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 3.2.11.09227 - Sony Computer Entertainment Inc.)
Power2Go 5.0 (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: - )
PS_AIO_02_ProductContext (Version: 100.0.206.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software (Version: 100.0.206.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software_Min (Version: 100.0.206.000 - Hewlett-Packard) Hidden
PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Rapport (Version: 3.5.1404.84 - Trusteer) Hidden
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: - Realtek Semiconductor Corp.)
Scan (Version: 10.1.0.0 - Hewlett-Packard) Hidden
Scansoft PDF Professional (Version: - ) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 10.0 - HP)
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5102.0 - SigmaTel)
SolutionCenter (Version: 100.0.175.000 - Hewlett-Packard) Hidden
Sony Ericsson Device Data (Version: 1.0.32 - Sony Ericsson) Hidden
Sony Ericsson Drivers (Version: 1.0.28 - Sony Ericsson) Hidden
Sony Ericsson PC Suite (HKLM\...\{D6BF6477-8369-489F-8DE6-3731F4B88560}) (Version: 2.10.46 - )
Sony Ericsson PC Suite (Version: 2.10.37 - Sony Ericsson) Hidden
Sony PC Companion 2.10.197 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.197 - Sony)
Status (Version: 100.0.175.000 - Hewlett-Packard) Hidden
Suite Shared Configuration CS4 (Version: 1.0 - Adobe Systems Incorporated) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.3.0 - Synaptics)
System Requirements Lab for Intel (HKLM\...\{EFE3D683-903C-4B58-AB8F-C68C69F33758}) (Version: 4.5.3.0 - Husdawg, LLC)
The Sims Livin' it up (HKLM\...\{49D4FCCF-45D6-11D4-8F73-0050DA0F6297}) (Version: - )
The Sims Makin' Magic (HKLM\...\{9A00D1BA-D03A-44E5-AF28-86A1F377DF61}) (Version: - )
Toolbox (Version: 100.0.170.000 - Hewlett-Packard) Hidden
TrayApp (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Trusteer Endpoint Protection (HKLM\...\Rapport_msi) (Version: 3.5.1404.84 - Trusteer)
Unity Web Player (HKU\S-1-5-21-3409986712-3818737891-1182124187-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
UnloadSupport (Version: 10.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Service (HKLM\...\Update Service) (Version: 2.10.7.15 - Sony Ericsson Mobile Communications AB)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
WebReg (Version: 100.0.170.000 - Hewlett-Packard) Hidden
WIDCOMM Bluetooth Software 6.0.1.4900 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.4900 - )
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
ZEN Vision:M Series Media Explorer (HKLM\...\ZEN Vision:M Series Media Explorer) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{00021401-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{00BB2764-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{00BB2765-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{00EF2092-6AC5-47C0-BD25-CF2D5D657FEB}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{060AF76C-68DD-11D0-8FC1-00C04FD9189D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{067B4B81-B1EC-489F-B111-940EBDC44EBE}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{0E890F83-5F79-11D1-9043-00C04FD9189D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{16D51579-A30B-4C8B-A276-0FF4DC41E755}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{1DCB3A00-33ED-11D3-8470-00C04F79DBC0}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{1E651CC0-B199-11D0-8212-00C04FC32C45}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{22D6F312-B0F6-11D0-94AB-0080C74C7E95}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{25BAAD81-3560-11D3-8471-00C04F79DBC0}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{294935CE-F637-4E7C-A41B-AB255460B862}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{304CE942-6E39-40D8-943A-B913C40C9CD4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{3050F3B2-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{3050F3BC-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{3050F4CF-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{3050F4F5-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{30C3B080-30FB-11D0-B724-00AA006C1A01}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{336475D0-942A-11CE-A870-00AA002FEAB5}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{3484F78F-F8CE-4CF3-914F-10F1A76BF0D5}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{385A91BC-1E8A-4E4A-A7A6-F4FC1E6CA1BD}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{3C374A40-BAE4-11CF-BF7D-00AA006946EE}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{3F30C968-480A-4C6C-862D-EFC0897BB84B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{4063BE15-3B08-470D-A0D5-B37161CFFD69}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{41FCCC3A-1FA1-4949-953A-6EE61C46A4D1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{4315D437-5B8C-11D0-BD3B-00A0C911CE86}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{4336A54D-038B-4685-AB02-99BB52D3FB8B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\kir\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{4657278A-411B-11D2-839A-00C04FD918D0}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{4A2286E0-7BEF-11CE-9BD9-0000E202599C}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{4CB26C03-FF93-11D0-817E-0000F87557DB}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{4DB26476-6787-4046-B836-E8412A9E8A27}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{4FD2A832-86C8-11D0-8FCA-00C04FD9189D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{527C9A9B-B9A2-44B0-84F9-F0DC11C2BCFB}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{53BD6B4E-3780-4693-AFC3-7161C2F3EE9C}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{5C4094D7-4213-4C40-9E33-16A2D2D69EF2}\InprocServer32 -> C:\Program Files\Sony\PlayStation Store\StoreDrmUtility.dll (Sony Computer Entertainment Inc.)
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{5DC5B31E-0C28-4679-B8D8-32CF2F9BACED}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{6263C176-0876-4B04-8DE0-44AB74489D72}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{62BE5D10-60EB-11D0-BD3B-00A0C911CE86}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{6935DB93-21E8-4CCC-BEB9-9FE3C77A297A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{6A01FDA0-30DF-11D0-B724-00AA006C1A01}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{6BC1CFFA-8FC1-4261-AC22-CFB4CC38DB50}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{6BF52A52-394A-11D3-B153-00C04F79FAA6}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{6E8D4A20-310C-11D0-B79A-00AA003767A7}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{70E102B0-5556-11CE-97C0-00AA0055595A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{71C3BF7F-682F-4B5E-9E47-5C25D3AC9458}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{71F96385-DDD6-48D3-A0C1-AE06E8B055FB}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{77F419AA-771A-45FF-AC66-7567FA3243D3}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{77F7F122-20B0-4117-A2FB-059D1FC88256}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{79376820-07D0-11CF-A24D-0020AFD79767}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServer32 -> C:\Windows\system32\urlmon.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{7D8AA343-6E63-4663-BE90-6B80F66540A3}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{7D9070AB-371A-4614-A964-D21BDFE1030B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{81397204-F51A-4571-8D7B-DC030521AABD}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{85E94D25-0712-47ED-8CDE-B0971177C6A1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{875CB1A1-0F29-45DE-A1AE-CFB4950D0B78}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{8E85D0CE-DEAF-4EA1-9410-FD1A2105CEB5}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{8F170678-2A97-4D59-89A1-7A0A71C1B677}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{99D54F63-1A69-41AE-AA4D-C976EB3F0713}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{9B8C4620-2C1A-11D0-8493-00A02438AD48}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{A3CCEDF7-2DE2-11D0-86F4-00A0C913F750}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{A7EE7F34-3BD1-427F-9231-F941E9B7E1FE}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{AB968F1E-E20B-403A-9EB8-72EB0EB6797E}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{ADC6CB82-424C-11D2-952A-00C04FA34F05}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{C206F324-BB45-4765-93FF-3BCA7306FF2E}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> C:\Windows\system32\actxprxy.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{CBD32ACD-3033-5DC4-AF3E-A32955785032}\InprocServer32 -> C:\Users\kir\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{CD773740-B187-4974-A1D5-E0FF91372277}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{CD8743A1-3736-11D0-9E69-00C04FD7C15B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{CDA42200-BD88-11D0-BD4E-00A0C911CE86}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{CE292861-FC88-11D0-9E69-00C04FD7C15B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{D1FE6762-FC48-11D0-883A-3C8B00C10000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{D58960BA-2EF3-4910-9E34-C911B1710180}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{DF2FCE13-25EC-45BB-9D4C-CECD47C2430C}\InprocServer32 -> C:\Windows\system32\urlmon.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{E03E85B0-7BE3-4000-BA98-6C13DE9FA486}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{E1F1A0B8-BEEE-490D-BA7C-066C40B5E2B9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{e3e02f12-2adb-478c-8742-5f0819f9f0f4}\InprocServer32 -> C:\Users\kir\AppData\Roaming\Move Networks\ie_bin\qsp2ie071303000006.dll (Move Networks)
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{E3E478D6-A2F2-4791-89A3-21F5C78DC3EC}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{E436EBB2-524F-11CE-9F53-0020AF0BA770}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{E436EBB3-524F-11CE-9F53-0020AF0BA770}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{E436EBB5-524F-11CE-9F53-0020AF0BA770}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{E436EBB8-524F-11CE-9F53-0020AF0BA770}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{e473a65c-8087-49a3-affd-c5bc4a10669b}\InprocServer32 -> C:\Users\kir\AppData\Roaming\Move Networks\ie_bin\qsp2ie071303000006.dll (Move Networks)
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{E569BDE7-A8DC-47F3-893F-FD2B31B3EEFD}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{F3364BA0-65B9-11CE-A9BA-00AA004AE837}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{F562A2C8-E850-4F05-8E7A-E7192E4E6C23}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{fc345d4c-b8f4-4674-bff7-3c37d2e535ee}\InprocServer32 -> C:\Users\kir\AppData\Roaming\Move Networks\ie_bin\qsp2ie071303000006.dll (Move Networks)
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{FCC152B7-F372-11D0-8E00-00C04FD7C08B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{fd6484ed-ebe3-4c3d-938a-8238003b41b7}\InprocServer32 -> C:\Users\kir\AppData\Roaming\Move Networks\ie_bin\qsp2ie071303000006.dll (Move Networks)
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{FEB50740-7BEF-11CE-9BD9-0000E202599C}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3409986712-3818737891-1182124187-1000_Classes\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InprocServer32 -> No File Path
==================== Restore Points =========================
01-04-2015 16:13:01 Scheduled Checkpoint
04-04-2015 02:05:08 Windows Update
05-04-2015 16:49:10 Scheduled Checkpoint
07-04-2015 20:07:31 Scheduled Checkpoint
08-04-2015 01:42:55 Windows Update
08-04-2015 15:49:02 Scheduled Checkpoint
10-04-2015 15:05:33 Scheduled Checkpoint
11-04-2015 01:22:51 Windows Update
12-04-2015 02:57:29 Installed Chinese Simplified Fonts Support For Adobe Reader X.
14-04-2015 18:28:43 Installed Rapport
15-04-2015 01:42:34 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 11:23 - 2007-09-08 12:48 - 00178248 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 babe.the-killer.bz
127.0.0.1 www.babe.the-killer.bz
127.0.0.1 babe.k-lined.com
127.0.0.1 www.babe.k-lined.com
127.0.0.1 did.i-used.cc
127.0.0.1 www.did.i-used.cc
127.0.0.1 coolwwwsearch.com
127.0.0.1 www.coolwwwsearch.com
127.0.0.1 coolwebsearch.com
127.0.0.1 www.coolwebsearch.com
127.0.0.1 hi.studioaperto.net
127.0.0.1 www.hi.studioaperto.net
127.0.0.1 wazzupnet.com
127.0.0.1 www.wazzupnet.com
127.0.0.1 gueb.com
127.0.0.1 www.gueb.com
127.0.0.1 kabex.com
127.0.0.1 www.kabex.com
127.0.0.1 hityou.com
127.0.0.1 www.hityou.com
127.0.0.1 miosearch.com
127.0.0.1 www.miosearch.com
127.0.0.1 blue-elefant.com
127.0.0.1 www.blue-elefant.com
127.0.0.1 babeweb.de
127.0.0.1 www.babeweb.de
127.0.0.1 start-seite.com
127.0.0.1 www.start-seite.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {16C4E370-E6EC-4CC8-AC56-73EFFF6235FD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {228C0041-F747-4ED3-A345-D120C2BE7882} - System32\Tasks\Microsoft\Windows\RestartManager\{40FF92F9-5952-4115-A106-7A530C9EFA9F} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {2D2A5167-F886-4751-B474-4F64CC32D776} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3409986712-3818737891-1182124187-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {2EBCA8EB-E63C-4B9C-BC70-138141499F35} - System32\Tasks\{A59FEC0E-20A6-4A52-8F43-B664F8BF1A8A} => pcalua.exe -a C:\Users\kir\Desktop\ComboFix.exe -d C:\Users\kir\Desktop
Task: {3F53BFEB-AF78-4DF5-8523-F600B9DACB38} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation)
Task: {47E7A8FF-F674-455E-A73F-3DA36CA74F2C} - System32\Tasks\Microsoft\Windows\RestartManager\{3F1DB646-2AC6-413b-AE84-09ECA4FBD948} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {665B26E7-3C0B-4268-959A-199585431F1C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {6B58BB98-6868-4309-B118-A08A4EAE2530} - System32\Tasks\Microsoft\Windows\RestartManager\{85BB0742-CBCC-49fa-B0C2-91CF9FCF11C3} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {841D2791-9E8A-44C7-ADDF-3C637FDFE49C} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - kir => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {88131826-F0A2-4A4B-AA56-840049560A8D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {B2F76297-BFEE-4D90-BA12-7BFE273416AD} - System32\Tasks\Microsoft\Windows\RestartManager\{B18D328B-2298-4de5-B450-16A2E8E8B2EE} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {E5706851-D6A5-42ED-A217-60A0E1EA333D} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3409986712-3818737891-1182124187-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\{0CB00D08-A61A-4182-96EC-B43D9BB2AC7A}.job => C:\Program Files\BlazeVideo\BlazeDTV 2.5a\scheduleCall.exe
Task: C:\Windows\Tasks\{86B3E4E6-B77B-4110-A9D8-BCFC436CCC79}.job => C:\Program Files\BlazeVideo\BlazeDTV 2.5a\scheduleCall.exe
Task: C:\Windows\Tasks\{F800DEF9-BE9B-4A49-B488-98FD495915BB}.job => C:\Program Files\BlazeVideo\BlazeDTV 2.5a\scheduleCall.exe
==================== Loaded Modules (whitelisted) ==============
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2008-07-27 19:51 - 2009-02-13 13:44 - 00117264 _____ () c:\Program Files\McAfee\SiteAdvisor\apengine.dll
2008-07-27 19:51 - 2009-02-13 13:44 - 00071696 _____ () c:\Program Files\McAfee\SiteAdvisor\mcfrmwk.dll
2008-07-27 19:51 - 2009-02-13 13:44 - 00207376 _____ () c:\Program Files\McAfee\SiteAdvisor\cntscan.dll
2007-09-19 17:04 - 2010-03-15 11:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2008-02-27 02:09 - 2008-02-27 02:09 - 02560000 _____ () C:\Program Files\Nuance\PDF Professional 5\cnvres_eng.dll
2014-03-23 16:04 - 2014-03-23 16:04 - 00557056 _____ () C:\Program Files\Trusteer\Rapport\bin\js32.dll
2007-06-29 18:56 - 2007-04-30 21:06 - 05020160 _____ () C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
2013-10-01 02:36 - 2013-09-12 19:00 - 03502080 _____ () C:\Program Files\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:981884E7
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
HKU\S-1-5-21-3409986712-3818737891-1182124187-1000\Software\Classes\.exe: => <===== ATTENTION!
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3409986712-3818737891-1182124187-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\kir\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
DNS Servers: 192.168.1.254
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: p2pimsvc => 3
MSCONFIG\Services: p2psvc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^kir^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ViiKiiDesktopPlugin.lnk => C:\Windows\pss\ViiKiiDesktopPlugin.lnk.Startup
MSCONFIG\startupreg: BigFix => c:\program files\Bigfix\bigfix.exe /atstartup
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: CTSyncU.exe => "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: hpqSRMon => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: NokiaOviSuite2 => C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files\Nuance\PDF Professional 5\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files\Nuance\PDF Professional 5\pdfpro5hook.exe
MSCONFIG\startupreg: Sony Ericsson PC Suite => "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
==================== Accounts: =============================
Administrator (S-1-5-21-3409986712-3818737891-1182124187-500 - Administrator - Disabled)
Guest (S-1-5-21-3409986712-3818737891-1182124187-501 - Limited - Disabled)
kir (S-1-5-21-3409986712-3818737891-1182124187-1000 - Administrator - Enabled) => C:\Users\kir
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/17/2015 00:57:43 AM) (Source: LoadPerf) (EventID: 3002) (User: )
Description: :16
Error: (04/17/2015 00:51:22 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.
Context: Windows Application, SystemIndex Catalog
Details:
The content index metadata cannot be read. 0xc0041801 (0xc0041801)
Error: (04/17/2015 00:50:23 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
Context: Windows Application
Details:
The content index metadata cannot be read. (0xc0041801)
Error: (04/17/2015 00:50:23 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
The content index metadata cannot be read. (0xc0041801)
Error: (04/17/2015 00:50:23 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
Element not found. (0x80070490)
Error: (04/17/2015 00:50:01 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
The content index metadata cannot be read. (0xc0041801)
Error: (04/17/2015 00:50:01 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.
Context: Windows Application, SystemIndex Catalog
Details:
0x%08x (0x8004117f - The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. )
Error: (04/17/2015 00:49:57 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: The Windows Search Service cannot open the Jet property store.
Details:
0x%08x (0x8004117f - The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. )
Error: (04/17/2015 00:32:08 AM) (Source: LoadPerf) (EventID: 3002) (User: )
Description: >16
Error: (04/17/2015 00:26:01 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
System errors:
=============
Microsoft Office Sessions:
=========================
Error: (08/09/2011 02:15:03 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 146 seconds with 60 seconds of active time. This session ended with a crash.
Error: (02/20/2010 08:51:02 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7629 seconds with 1200 seconds of active time. This session ended with a crash.
Error: (12/03/2009 01:52:47 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 30596 seconds with 5160 seconds of active time. This session ended with a crash.
Error: (11/25/2009 03:39:24 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 16893 seconds with 10440 seconds of active time. This session ended with a crash.
Error: (12/02/2008 09:11:38 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 28 seconds with 0 seconds of active time. This session ended with a crash.
Error: (11/30/2008 03:58:04 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 20 seconds with 0 seconds of active time. This session ended with a crash.
Error: (11/30/2008 03:16:27 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 13 seconds with 0 seconds of active time. This session ended with a crash.
Error: (11/29/2008 07:12:03 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 15 seconds with 0 seconds of active time. This session ended with a crash.
Error: (11/29/2008 06:57:58 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 85 seconds with 60 seconds of active time. This session ended with a crash.
Error: (11/29/2008 06:46:59 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 51 seconds with 0 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2015-04-17 01:25:10.382
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-17 01:25:10.130
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-17 01:25:09.865
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-17 01:25:09.621
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RapportKELL.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-17 01:25:09.202
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Trusteer\Rapport\bin\RapportEI.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-17 01:25:08.963
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Trusteer\Rapport\bin\RapportEI.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-17 01:25:08.736
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Trusteer\Rapport\bin\RapportEI.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-17 01:25:08.433
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Trusteer\Rapport\bin\RapportEI.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-17 01:25:08.045
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_80128.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-17 01:25:07.802
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_80128.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core2 Duo CPU T7100 @ 1.80GHz
Percentage of memory in use: 80%
Total physical RAM: 2037.69 MB
Available physical RAM: 406.46 MB
Total Pagefile: 4316.6 MB
Available Pagefile: 2321.95 MB
Total Virtual: 2047.88 MB
Available Virtual: 1907.45 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:139.2 GB) (Free:30.73 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (RECOVERY) (Fixed) (Total:9.85 GB) (Free:3.91 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149.1 GB) (Disk ID: 7BD1F01D)
Partition 1: (Not Active) - (Size=9.9 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=139.2 GB) - (Type=07 NTFS)
==================== End Of Log ============================