Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

My computer is somehow infected [Solved]


  • This topic is locked This topic is locked

#1
bnkplus2

bnkplus2

    Member

  • Member
  • PipPip
  • 18 posts

Hi,

I was being assisted in the thread below for a permission issue when trying to install Family Tree Maker 2014, and Aura, who was assisting me, noticed that I had malware present on my system. He told me to come in this section to get checked and get them removed before he continues assisting me. Here's the link to the original thread:

http://www.geekstogo...wser-emulation/

-FRST.TXT LOG-
-ADDTIONS.TXT LOG-

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-04-2015 02
Ran by Robert (administrator) on ROBERT-PC on 24-04-2015 10:22:41
Running from C:\Users\Robert\Downloads
Loaded Profiles: Robert & UpdatusUser (Available profiles: Robert & UpdatusUser)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc2.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.7.0.11\nis.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeTray.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1848648 2008-03-17] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe [8216048 2015-03-10] ()
HKU\S-1-5-21-3276278619-1820661984-955229075-1000\...\MountPoints2: {1b320c41-faf3-11e2-a4b7-4487fc6eccb9} - J:\MediaManager.exe
HKU\S-1-5-21-3276278619-1820661984-955229075-1000\...\MountPoints2: {cf7239cc-8756-11e4-a410-4487fc6eccb9} - J:\LaunchU3.exe -a
BootExecute: autocheck autochk * bootdelete
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3276278619-1820661984-955229075-1002\User: Group Policy restriction detected <======= ATTENTION
CHR HKU\S-1-5-21-3276278619-1820661984-955229075-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3276278619-1820661984-955229075-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/...e={installDate}
HKU\S-1-5-21-3276278619-1820661984-955229075-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3276278619-1820661984-955229075-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3276278619-1820661984-955229075-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...q={searchTerms}
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...mVlZC5zbmFwLmRv
SearchScopes: HKU\.DEFAULT -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snap.do/...e={installDate}
SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...mVlZC5zbmFwLmRv
SearchScopes: HKU\S-1-5-21-3276278619-1820661984-955229075-1000 -> BA2399AACC0A463992F623C5C36305F5 URL = http://search.yahoo....rtPage?}&fr=ie8
SearchScopes: HKU\S-1-5-21-3276278619-1820661984-955229075-1000 -> {305B5C67-3051-4DA0-910E-2DD7F6EB732C} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3276278619-1820661984-955229075-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...3d3LmJpbmcuY29t
SearchScopes: HKU\S-1-5-21-3276278619-1820661984-955229075-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL =
SearchScopes: HKU\S-1-5-21-3276278619-1820661984-955229075-1002 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3276278619-1820661984-955229075-1002 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKU\S-1-5-21-3276278619-1820661984-955229075-1002 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...q={searchTerms}
BHO: DustApps -> {0622D1AC-7D62-42F9-8393-A66E32146E0C} -> C:\Windows\system32\config\systemprofile\AppData\Local\DustApps\plugin.dll [2015-01-26] (MicroApps Ltd)
BHO: No Name -> {0aedcac0-4262-4e14-8391-7b460f011e11} ->  No File
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: No Name -> {6C8DB2EC-499B-4897-A784-0E3186C97E9D} ->  No File
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-04] (Symantec Corporation)
BHO: No Name -> {8D8A9A55-50B0-3B66-FE2F-D233F9581F59} ->  No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: No Name -> {B23B1CB5-EC0D-65C9-464E-21EF02A28BCA} ->  No File
BHO: No Name -> {D0C21091-FF8E-432C-9006-0540E81BA9D7} ->  No File
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3276278619-1820661984-955229075-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\52jh52ti.default-1391411894818
FF DefaultSearchUrl:
FF SearchEngineOrder.1: V9
FF SelectedSearchEngine: V9
FF Homepage: https://www.yahoo.com/
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2013-08-28] (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: @unity3d.com/UnityPlayer,version=1.0 -> C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-02] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-02] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-12-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-12-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-12-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-12-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-12-23] (Apple Inc.)
FF SearchPlugin: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\52jh52ti.default-1391411894818\searchplugins\V9.xml [2015-01-29]
FF Extension: Yahoo! Toolbar - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\52jh52ti.default-1391411894818\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2015-03-19]
FF Extension: GameLinkExchange - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\52jh52ti.default-1391411894818\Extensions\[email protected] [2014-02-21]
FF Extension: Gamers Unite! Snag Bar - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\52jh52ti.default-1391411894818\Extensions\{afe43e80-0abc-4df2-81a0-3fe44b74abe8}.xpi [2014-02-18]
FF Extension: Adblock Plus - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\52jh52ti.default-1391411894818\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-24]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\[email protected] [2015-04-21]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Mozilla Firefox\extensions\[email protected]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Mozilla Firefox\extensions\[email protected]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\coFFPlgn [2015-04-23]
FF HKU\.DEFAULT\...\FIREFOX\Extensions: [{B21F5E31-B8E8-41CD-B74C-168A71A10E49}] - C:\Windows\system32\config\systemprofile\AppData\Local\GreatArcadeHits\gahff.xpi
FF Extension: No Name - C:\Windows\system32\config\systemprofile\AppData\Local\GreatArcadeHits\gahff.xpi [2013-12-06]
FF HKU\.DEFAULT\...\FIREFOX\Extensions: [{7996ce89-79ce-4cbc-a8e9-24505863e530}] - C:\Program Files\Select-N-Go\150.xpi
FF HKU\S-1-5-21-3276278619-1820661984-955229075-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Social Privacy\FF
FF HKU\S-1-5-21-3276278619-1820661984-955229075-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Unfriend Watcher\FF
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-04-21]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM\...\Chrome\Extension: [kjodcnfbgeogobpbgjgchiakhlhbepmm] - No Path Or update_url value
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-04-23]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 becldr3Service; C:\Program Files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [225280 2013-07-03] () [File not signed]
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
R2 iSafeService; C:\Program Files\Elex-tech\YAC\iSafeSvc.exe [118048 2015-03-13] (Elex do Brasil Participações Ltda)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe [670808 2015-03-10] ()
S4 LMIRescue_1075bab0-567b-4c1d-b3d0-af63858b3623; C:\Users\Robert\AppData\Local\LogMeIn Rescue Applet\LMIR0001.tmp\LMI_Rescue_srv.exe [3087664 2014-12-12] (LogMeIn, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)
R2 NIS; C:\Program Files\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-06] (Symantec Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.0.2.1\Definitions\BASHDefs\20130814.001\BHDrvx86.sys [1097304 2013-08-12] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1507000.00B\ccSetx86.sys [127064 2014-02-20] (Symantec Corporation)
R2 EAPPkt; C:\Windows\System32\DRIVERS\EAPPkt.sys [66048 2005-04-01] (Windows ® 2000 DDK provider) [File not signed]
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [43368 2013-05-23] (ThreatTrack Security)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2013-08-14] (GFI Software)
R1 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\21.0.2.1\Definitions\IPSDefs\20130805.011\IDSVix86.sys [392792 2013-08-05] (Symantec Corporation)
R1 iSafeKrnl; C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys [215336 2015-03-13] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [40744 2015-03-13] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys [83752 2015-03-13] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [34856 2015-03-13] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys [63400 2015-03-13] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [44712 2015-02-16] (Elex do Brasil Participações Ltda)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)
S3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.0.2.1\Definitions\VirusDefs\20130929.005\NAVENG.SYS [93272 2013-09-29] (Symantec Corporation)
S3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.0.2.1\Definitions\VirusDefs\20130929.005\NAVEX15.SYS [1612376 2013-09-29] (Symantec Corporation)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [10368 2006-05-23] (Padus, Inc.) [File not signed]
S3 SRTSP; C:\Windows\System32\Drivers\NIS\1507000.00B\SRTSP.SYS [664792 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1507000.00B\SRTSPX.SYS [32984 2014-08-25] (Symantec Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2014-01-30] ()
R0 SymDS; C:\Windows\System32\drivers\NIS\1507000.00B\SYMDS.SYS [367704 2013-07-31] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1507000.00B\SYMEFA.SYS [936152 2014-08-25] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2015-04-23] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1507000.00B\Ironx86.SYS [209624 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NIS\1507000.00B\SYMNETS.SYS [447704 2014-08-25] (Symantec Corporation)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [408280 2015-01-22] (BitDefender S.R.L.)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [X]
S1 ssnfd; system32\drivers\ssnfd.sys [X]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-24 10:22 - 2015-04-24 10:23 - 00019708 _____ () C:\Users\Robert\Downloads\FRST.txt
2015-04-24 10:22 - 2015-04-24 10:22 - 00000000 ____D () C:\FRST
2015-04-24 10:21 - 2015-04-24 10:21 - 00001098 _____ () C:\Users\Robert\Desktop\FRST.exe - Shortcut.lnk
2015-04-24 10:20 - 2015-04-24 10:20 - 01139200 _____ (Farbar) C:\Users\Robert\Downloads\FRST.exe
2015-04-24 08:14 - 2015-04-24 08:30 - 06691714 _____ () C:\Users\Robert\Downloads\bnkplus2_fddf91da.ZIP
2015-04-24 07:46 - 2015-04-24 07:46 - 00021558 _____ () C:\Users\Robert\Downloads\Result.txt
2015-04-24 07:43 - 2015-04-24 07:43 - 00402944 _____ (Farbar) C:\Users\Robert\Desktop\MiniToolBox.exe
2015-04-23 20:58 - 2015-04-23 20:58 - 00000000 ____D () C:\Users\TEMP.Robert-PC.000\AppData\Roaming\Mozilla
2015-04-23 20:58 - 2015-04-23 20:58 - 00000000 ____D () C:\Users\TEMP.Robert-PC.000
2015-04-23 19:41 - 2015-04-23 19:41 - 00000000 ____D () C:\Users\DefaultAppPool.IIS APPPOOL.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-23 19:41 - 2015-04-23 19:41 - 00000000 ____D () C:\Users\DefaultAppPool.IIS APPPOOL.005
2015-04-23 07:54 - 2015-04-23 12:29 - 00002321 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-04-23 07:54 - 2015-04-23 07:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-04-23 00:17 - 2015-04-23 00:17 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-04-23 00:06 - 2015-04-23 12:29 - 00002423 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2015-04-23 00:06 - 2015-04-23 00:06 - 00142936 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
2015-04-23 00:06 - 2015-04-23 00:06 - 00008194 _____ () C:\Windows\system32\Drivers\SYMEVENT.CAT
2015-04-23 00:06 - 2015-04-23 00:06 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2015-04-23 00:04 - 2015-04-23 12:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2015-04-23 00:04 - 2015-04-23 12:29 - 00000000 ____D () C:\Windows\system32\Drivers\NIS
2015-04-23 00:04 - 2015-04-23 00:04 - 00000000 ____D () C:\Program Files\Norton Internet Security
2015-04-22 12:37 - 2015-04-22 17:43 - 00000032 _____ () C:\Users\Robert\Desktop\Microsoft Support.txt
2015-04-22 00:19 - 2015-04-22 00:19 - 00000000 ____D () C:\Users\TEMP.Robert-PC\AppData\Roaming\Mozilla
2015-04-22 00:19 - 2015-04-22 00:19 - 00000000 ____D () C:\Users\TEMP.Robert-PC
2015-04-21 23:54 - 2015-04-21 23:54 - 00000000 ____D () C:\ProgramData\Skype
2015-04-21 23:50 - 2015-03-13 20:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-04-21 23:50 - 2015-03-13 20:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-04-21 23:50 - 2015-01-28 20:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-04-21 22:36 - 2015-04-21 22:40 - 00000000 ____D () C:\Users\Robert\Desktop\FTM 2014 (207)
2015-04-21 15:16 - 2015-04-21 15:16 - 00000000 ____D () C:\Users\Robert\AppData\Local\PackageAware
2015-04-21 03:18 - 2015-04-21 03:18 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-14 17:31 - 2015-03-22 20:06 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-14 17:31 - 2015-03-22 20:06 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-14 17:31 - 2015-03-22 20:06 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-14 17:31 - 2015-03-22 20:06 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-14 17:31 - 2015-03-22 20:06 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-14 17:31 - 2015-03-22 20:06 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-14 17:31 - 2015-03-22 20:06 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-14 17:31 - 2015-03-22 19:59 - 00896000 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-14 17:31 - 2015-03-16 22:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-14 17:31 - 2015-03-16 22:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-14 17:31 - 2015-03-16 22:01 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-14 17:31 - 2015-03-16 22:01 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-14 17:31 - 2015-03-16 21:59 - 01306112 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-14 17:31 - 2015-03-16 21:57 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-14 17:31 - 2015-03-16 21:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-14 17:31 - 2015-03-16 21:57 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-14 17:31 - 2015-03-16 21:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-14 17:31 - 2015-03-16 21:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-14 17:31 - 2015-03-16 21:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-14 17:31 - 2015-03-16 21:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-14 17:31 - 2015-03-16 21:57 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-14 17:31 - 2015-03-16 21:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-14 17:31 - 2015-03-16 21:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-14 17:31 - 2015-03-16 21:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-14 17:31 - 2015-03-16 21:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-14 17:31 - 2015-03-16 21:56 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-14 17:31 - 2015-03-16 21:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-14 17:31 - 2015-03-16 21:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-14 17:31 - 2015-03-16 21:56 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-14 17:31 - 2015-03-16 21:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-14 17:31 - 2015-03-16 21:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-14 17:31 - 2015-03-16 21:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-14 17:31 - 2015-03-16 21:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-14 17:31 - 2015-03-16 21:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-14 17:31 - 2015-03-16 21:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-14 17:31 - 2015-03-03 21:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-14 17:31 - 2015-03-03 21:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-14 17:30 - 2015-04-01 16:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-14 17:30 - 2015-03-12 20:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-14 17:30 - 2015-03-12 20:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-14 17:30 - 2015-03-12 20:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-14 17:30 - 2015-03-12 20:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-14 17:30 - 2015-03-12 20:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-14 17:30 - 2015-03-12 20:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-14 17:30 - 2015-03-12 20:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-14 17:30 - 2015-03-12 20:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-14 17:30 - 2015-03-12 20:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-14 17:30 - 2015-03-12 20:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-14 17:30 - 2015-03-12 20:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-14 17:30 - 2015-03-12 20:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-14 17:30 - 2015-03-12 20:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-14 17:30 - 2015-03-12 20:16 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-14 17:30 - 2015-03-12 20:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-14 17:30 - 2015-03-12 20:09 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-14 17:30 - 2015-03-12 20:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-14 17:30 - 2015-03-12 20:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 17:30 - 2015-03-12 19:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-14 17:30 - 2015-03-12 19:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-14 17:30 - 2015-03-12 19:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-14 17:30 - 2015-03-12 19:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-14 17:30 - 2015-03-12 19:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-14 17:30 - 2015-03-12 19:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-14 17:30 - 2015-03-12 19:43 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-14 17:30 - 2015-03-12 19:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-14 17:30 - 2015-03-12 19:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-14 17:30 - 2015-03-12 19:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-14 17:30 - 2015-03-12 19:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-14 17:30 - 2015-03-12 19:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-14 17:30 - 2015-03-04 21:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-14 17:29 - 2015-03-24 20:00 - 03088384 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-14 17:29 - 2015-03-24 20:00 - 02020864 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-14 17:29 - 2015-03-24 20:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-14 17:29 - 2015-03-24 20:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-14 17:29 - 2015-03-24 20:00 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-14 17:29 - 2015-03-24 20:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-14 17:29 - 2015-03-24 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-14 17:29 - 2015-03-24 20:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-14 17:29 - 2015-03-24 20:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-14 17:29 - 2015-03-24 20:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-14 17:29 - 2015-03-24 20:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 17:29 - 2015-03-09 20:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-14 17:29 - 2015-03-09 20:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-14 17:29 - 2015-02-24 20:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-04 03:06 - 2015-04-04 03:06 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-01 23:20 - 2015-04-01 23:20 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.001\AppData\Roaming\Mozilla
2015-04-01 23:20 - 2015-04-01 23:20 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.001
2015-04-01 23:20 - 2015-04-01 23:20 - 00000000 ____D () C:\Users\DefaultAppPool.IIS APPPOOL.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-01 23:20 - 2015-04-01 23:20 - 00000000 ____D () C:\Users\DefaultAppPool.IIS APPPOOL.004
2015-04-01 23:19 - 2015-04-01 23:19 - 00000000 ____D () C:\Users\DefaultAppPool.IIS APPPOOL.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-01 23:19 - 2015-04-01 23:19 - 00000000 ____D () C:\Users\DefaultAppPool.IIS APPPOOL.003
2015-03-27 22:11 - 2015-03-27 22:11 - 00000000 ____D () C:\Users\DefaultAppPool.IIS APPPOOL.002\AppData\Roaming\Mozilla
2015-03-27 22:11 - 2015-03-27 22:11 - 00000000 ____D () C:\Users\DefaultAppPool.IIS APPPOOL.002

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-24 10:20 - 2009-07-13 21:34 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-24 10:20 - 2009-07-13 21:34 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-24 10:16 - 2013-10-30 10:07 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-24 10:10 - 2013-02-25 14:12 - 02029911 _____ () C:\Windows\WindowsUpdate.log
2015-04-24 10:09 - 2015-02-05 08:29 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d04158885efb70.job
2015-04-24 10:09 - 2013-02-25 23:28 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-24 07:48 - 2014-10-15 22:22 - 01072640 ___SH () C:\Users\Robert\Downloads\Thumbs.db
2015-04-24 07:42 - 2015-02-05 08:29 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d041588543f030.job
2015-04-24 03:04 - 2014-03-05 19:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-23 22:47 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\tracing
2015-04-23 21:10 - 2014-12-18 21:15 - 00000000 ____D () C:\Program Files\Family Tree Maker 2014
2015-04-23 15:32 - 2013-04-18 15:30 - 00000330 _____ () C:\Windows\Tasks\shield check.job
2015-04-23 12:38 - 2013-09-28 16:09 - 00000472 _____ () C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2015-04-23 12:38 - 2013-09-28 16:09 - 00000438 _____ () C:\Windows\Tasks\RegCure Pro Startup.job
2015-04-23 12:28 - 2014-12-04 03:35 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-04-23 12:28 - 2009-07-13 21:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-23 12:28 - 2009-07-13 21:39 - 00064168 _____ () C:\Windows\setupact.log
2015-04-23 01:00 - 2013-10-13 12:31 - 00689664 ___SH () C:\Users\Robert\Documents\Thumbs.db
2015-04-23 00:45 - 2013-09-29 19:18 - 00001285 _____ () C:\Users\Robert\Desktop\Norton Installation Files.lnk
2015-04-23 00:45 - 2013-09-29 19:18 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-04-23 00:45 - 2013-09-29 19:18 - 00000000 ____D () C:\ProgramData\Norton
2015-04-23 00:28 - 2010-11-20 14:48 - 00884718 _____ () C:\Windows\PFRO.log
2015-04-23 00:20 - 2014-02-09 00:16 - 00000000 ____D () C:\TEMP
2015-04-23 00:19 - 2013-04-26 03:02 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-23 00:17 - 2013-04-12 03:01 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-23 00:09 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-04-22 23:57 - 2015-02-05 00:39 - 00000000 ____D () C:\Users\Robert\Desktop\2015-02-04
2015-04-22 23:50 - 2013-02-25 21:21 - 00000000 ____D () C:\Users\Robert
2015-04-22 17:38 - 2014-12-12 17:19 - 00000000 ____D () C:\Users\Robert\AppData\Local\LogMeIn Rescue Applet
2015-04-22 11:36 - 2013-10-09 08:40 - 00000000 ____D () C:\Users\Robert\AppData\Local\CrashDumps
2015-04-22 10:06 - 2015-01-05 18:43 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2015-04-21 22:21 - 2013-09-28 16:09 - 00000388 _____ () C:\Windows\Tasks\RegCure Pro.job
2015-04-21 22:21 - 2013-08-27 19:05 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-20 13:43 - 2010-11-20 14:01 - 00830844 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-20 01:11 - 2013-06-07 21:01 - 00000000 ___RD () C:\Users\Robert\Dropbox
2015-04-20 01:09 - 2014-12-14 16:01 - 00000000 ____D () C:\Users\Robert\Documents\RECORDS for JOHN BROWN BENNETT
2015-04-20 01:09 - 2014-12-14 15:19 - 00000000 ____D () C:\Users\Robert\Documents\RECORDS for JOHN GLENN CARTER
2015-04-20 00:16 - 2013-08-13 15:13 - 00000000 ____D () C:\Users\Robert\AppData\Local\Windows Live
2015-04-20 00:06 - 2014-12-14 15:34 - 00000000 ____D () C:\Users\Robert\Documents\RECORDS for PIETRO CERTO
2015-04-20 00:06 - 2014-12-14 15:01 - 00000000 ____D () C:\Users\Robert\Documents\RECORDS for SMITH DANIEL CARTER
2015-04-15 09:52 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\rescache
2015-04-15 09:51 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\AppCompat
2015-04-15 09:20 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-15 07:10 - 2014-12-10 04:25 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 07:10 - 2014-05-06 03:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 03:45 - 2015-02-09 21:17 - 00000000 ____D () C:\Program Files\RubySlots
2015-04-15 03:17 - 2013-08-01 14:29 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 03:12 - 2013-02-28 13:47 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-14 17:27 - 2013-02-25 23:28 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-14 17:27 - 2013-02-25 23:28 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-12 09:45 - 2014-06-16 08:32 - 00000000 ____D () C:\ProgramData\CanonIJPLM

==================== Files in the root of some directories =======

2015-01-07 23:15 - 2015-01-07 23:15 - 0033193 _____ () C:\Users\Robert\AppData\Roaming\UserTile.png
2013-08-13 14:48 - 2013-08-19 08:07 - 0000072 _____ () C:\Users\Robert\AppData\Roaming\WB.CFG
2013-08-13 14:48 - 2013-08-29 00:00 - 0000005 _____ () C:\Users\Robert\AppData\Roaming\WBPU-TTL.DAT
2013-05-13 15:20 - 2014-08-03 16:13 - 0047104 _____ () C:\Users\Robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-02 22:50 - 2014-01-02 22:51 - 0007605 _____ () C:\Users\Robert\AppData\Local\resmon.resmoncfg

Some content of TEMP:
====================
C:\Users\Robert\AppData\Local\Temp\ose00000.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-24 09:12

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-04-2015 02
Ran by Robert at 2015-04-24 10:23:32
Running from C:\Users\Robert\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3276278619-1820661984-955229075-500 - Administrator - Disabled)
Guest (S-1-5-21-3276278619-1820661984-955229075-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3276278619-1820661984-955229075-1004 - Limited - Enabled)
Robert (S-1-5-21-3276278619-1820661984-955229075-1000 - Administrator - Enabled) => C:\Users\Robert
test (S-1-5-21-3276278619-1820661984-955229075-1005 - Administrator - Enabled)
UpdatusUser (S-1-5-21-3276278619-1820661984-955229075-1002 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ad-Aware Antivirus (HKLM\...\{8EEFB640-A25D-448E-9F84-3CADF173CAE4}_AdAwareUpdater) (Version: 11.4.6792.0 - Lavasoft)
AdAwareInstaller (Version: 11.6.306.7947 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.4.6792.0 - Lavasoft) Hidden
Adobe Acrobat 4.0 (HKLM\...\Adobe Acrobat 4.0) (Version: 4.0 - Adobe Systems, Inc.)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.4 (HKLM\...\{7182A38E-73C7-460A-AD87-DCD52DE7556C}) (Version: 5.4.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
AntimalwareEngine (Version: 3.0.98.0 - Lavasoft) Hidden
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
BCL easyConverter SDK 3 (Word Version) (HKLM\...\{A932ABFB-1AC4-4FBF-9954-B710CABE3482}) (Version: 3.0.64 - BCL Technologies)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scan Utility (HKLM\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon MP Navigator EX 2.0 (HKLM\...\MP Navigator EX 2.0) (Version:  - )
Canon MP620 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series) (Version:  - )
Canon MP620 series User Registration (HKLM\...\Canon MP620 series User Registration) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DesktopWeatherAlerts (HKU\.DEFAULT\...\DesktopWeatherAlerts) (Version: 1.0.13.0 - Local Weather LLC) <==== ATTENTION
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.84 - DivX, LLC)
DriverUpdate (HKLM\...\{65C92136-6AF0-4E70-88D2-D19E739CE285}) (Version: 2.2.35415 - SlimWare Utilities, Inc.)
EMET (HKLM\...\{DE7A5DDF-47B3-42FF-A082-E158DEA37392}) (Version: 3.0.0 - Microsoft)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
GreatArcadeHits (HKU\.DEFAULT\...\{856AD396-519D-4C7A-BED6-6785F64924BC}) (Version: 1.0 - GreatArcadeHits) <==== ATTENTION
Inkjet Printer/Scanner Extended Survey Program (HKLM\...\CANONIJPLM100) (Version:  - )
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0013-0000-0000-0000000FF1CE}_BASICR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Basic 2007 (HKLM\...\BASICR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office XP Media Content (HKLM\...\{90300409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2619.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton Internet Security (HKLM\...\NIS) (Version: 21.7.0.11 - Symantec Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA Graphics Driver 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 309.08 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RubySlots (HKLM\...\{137b5d7d-6afe-4b69-be23-b2e949c20065}) (Version: 15.01.0-RTG - RealTimeGaming Software)
Sansa Media Converter (HKLM\...\{FC053571-8507-44E4-8B6D-AACEAB8CA57C}) (Version: 1.0-B4.263 - )
Sansa Updater (HKU\S-1-5-21-3276278619-1820661984-955229075-1000\...\Sansa Updater) (Version: 1.406 - SanDisk Corporation)
Shopping Helper Smartbar (HKLM\...\{E3CE881D-94D9-435A-9DEA-EBB5390BC2CC}) (Version: 10.196.63.14120 - ReSoft Ltd.) <==== ATTENTION
Shopping Helper Smartbar Engine (HKU\.DEFAULT\...\{c55f0b66-06b7-4a17-9d20-6e4b6ac38697}) (Version: 10.196.63.14120 - ReSoft Ltd.) <==== ATTENTION
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TidyNetwork (HKU\.DEFAULT\...\TidyNetwork) (Version:  - TidyNetwork)
Unity Web Player (All users) (HKLM\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0013-0000-0000-0000000FF1CE}_BASICR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
WG111v2 Configuration Utility (HKLM\...\{E0F252A6-DE85-4E93-A93B-DFC3537B3965}) (Version: 1.00 - REALTEK Semiconductor Corp.)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
YAC(Yet Another Cleaner!) (HKLM\...\iSafe) (Version:  - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3276278619-1820661984-955229075-1000_Classes\CLSID\{32C9A4A8-63FE-4F4F-8821-FC56C31512AB}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3276278619-1820661984-955229075-1000_Classes\CLSID\{3A999A50-AB25-4A20-90A9-08F71FCE320F}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
CustomCLSID: HKU\S-1-5-21-3276278619-1820661984-955229075-1000_Classes\CLSID\{503E492B-C90C-4E23-842B-EB05CDA61DC9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3276278619-1820661984-955229075-1000_Classes\CLSID\{98087D89-B93F-4BCF-A998-AE4D9F607C14}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
CustomCLSID: HKU\S-1-5-21-3276278619-1820661984-955229075-1000_Classes\CLSID\{B286F068-5B17-4AE8-989B-8F9A199C47BA}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
CustomCLSID: HKU\S-1-5-21-3276278619-1820661984-955229075-1000_Classes\CLSID\{BBB18E3D-5523-4A93-A859-96EFCB603D7B}\InprocServer32 -> No File Path

==================== Restore Points  =========================

23-04-2015 07:51:48 AA11
24-04-2015 03:00:35 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:04 - 2009-06-10 14:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0249E031-15FA-491C-A7FB-40FC1F2D0EB2} - System32\Tasks\{CC65FE1D-8394-499A-8A25-3409DC863F0D} => C:\FTW\FTW.exe [2002-06-28] (Genealogy.com, LLC)
Task: {035828B0-FE31-4F84-90D3-E1718936F5B3} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3276278619-1820661984-955229075-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {0807B990-9229-4713-ABA0-0AC4A95D4E05} - System32\Tasks\shield check => C:\Users\Robert\AppData\Local\Shield\checkhp.exe
Task: {08C81832-3F2E-48A7-96E5-4BEF183A11EC} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {0B11FB79-91FC-47AB-AD1D-11E49EDD1D24} - System32\Tasks\{74AEB447-AC79-4A01-A44A-5770AD39E1D2} => pcalua.exe -a C:\Users\Robert\Downloads\ie6setup.exe -d C:\Users\Robert\Downloads
Task: {111A1DD6-4FB3-40D3-AA58-414CDF0DD84F} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {11E7EA2E-F092-4E00-B3D3-8AC1CD11C940} - System32\Tasks\{9E591742-CEB9-49A4-BFE7-E6FD5053D7C8} => C:\Program Files\ArcSoft\PhotoImpression 4\PhotoImpression.exe [2003-01-07] (ArcSoft)
Task: {13CD0944-D71A-4D53-A25A-478987E10FCD} - System32\Tasks\{CD66B86C-23C4-492C-9703-3391F895FA76} => D:\Autorun.exe
Task: {19B6D529-8299-4D3A-8C97-309481477CFC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-30] (Google Inc.)
Task: {1ED64223-31B4-4EEC-A9D5-B17E289FAAA6} - System32\Tasks\{39455C15-F697-4E45-AB91-A473D5EAF1C1} => pcalua.exe -a C:\Users\Robert\AppData\Local\Temp\Temp1_RegCleaner_4.3.0.780.zip\RegCleaner_4.3.0.780.exe
Task: {314DDD78-67A8-4600-A124-EFD4C70E3C1A} - System32\Tasks\{5FF48574-FD93-4A6E-98E3-103DA58261C6} => C:\Users\Robert\Desktop\FTM 2014 (207)\setup.exe [2013-08-16] (Ancestry.com, Inc.                                                                                                                                                                                                                                                                                          )
Task: {3FC932FE-4060-4FC8-B0DB-484A560264CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-30] (Google Inc.)
Task: {4034596F-3E4B-4EFD-8BDA-7DFDB43C2201} - System32\Tasks\{C1322293-F60D-412E-B2E6-F030C3E92194} => D:\Autorun.exe
Task: {51754FA5-885C-41A2-BB3E-A99FF0598DD2} - \AmiUpdXp No Task File <==== ATTENTION
Task: {52A8BFC4-84E1-47AA-AC94-7F4D556AB78E} - System32\Tasks\{D365B3C0-ABFA-4CA3-8D82-6289039EDD65} => C:\FTW\FTW.exe [2002-06-28] (Genealogy.com, LLC)
Task: {52BDF306-F296-4266-8323-CEE611141621} - System32\Tasks\RegCure Pro => C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe
Task: {52FFD072-7488-4FE2-B11B-1B9EDB9FF0E5} - System32\Tasks\{5BB56084-C904-458A-B3DE-0CA2BD8459D0} => D:\Utility\setup.exe
Task: {53416ADD-300E-4EE4-AC12-23D1CD2E618D} - System32\Tasks\{AD017E02-12E7-437D-BD64-9EB160BA1581} => C:\Program Files\ArcSoft\PhotoImpression 4\PhotoImpression.exe [2003-01-07] (ArcSoft)
Task: {5E05BAA8-FABC-44FA-BB39-59B4733E3BDA} - System32\Tasks\{BD884487-FEB3-4FE1-A4E8-DA605D03A6EF} => C:\FTW\FTW.exe [2002-06-28] (Genealogy.com, LLC)
Task: {65957544-6A51-4CD1-BF04-B3738E2F6E9C} - System32\Tasks\{3A6B0038-3AC5-43C9-8DD8-6E2C8ED0B9FE} => C:\Program Files\ArcSoft\PhotoImpression 4\PhotoImpression.exe [2003-01-07] (ArcSoft)
Task: {6621AE68-6DFB-4006-B73B-9EB572BAF5D3} - System32\Tasks\{75EC8B55-0AD6-4CD8-B97A-6B492BFFA232} => D:\Autorun.exe
Task: {6DC51CA0-F726-496E-9B76-DB8F2AA5C287} - System32\Tasks\{4FC2D73E-E121-4E63-83F3-85AEBA51587B} => C:\Users\Robert\Downloads\youtube-download-manager_1.0.exe
Task: {75AC93CA-140D-4C5B-AFB1-97A35633BFC4} - System32\Tasks\{683A4A09-EEEC-43BA-8504-E2CFB6A7B324} => C:\FTW\FTW.exe [2002-06-28] (Genealogy.com, LLC)
Task: {79A6E70A-DB07-4F59-80B8-84967F54CACD} - System32\Tasks\{00204F0B-2AB8-4D12-9C18-E7CB62B431C6} => C:\Users\Robert\Downloads\youtube-download-manager_1.0.exe
Task: {7ABD50B6-603E-44F5-B05B-E60F5F4DBD5C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7D08919F-34B2-4D02-B049-5FF395083099} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3276278619-1820661984-955229075-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {87A0CFA9-CE91-4E3C-9DB5-AC71A74ED54B} - System32\Tasks\{24ADFD2F-D18A-497B-A7E0-D4654ACF9BC1} => D:\Utility\setup.exe
Task: {8B116C34-0C17-4EF7-B983-EEBFF51C6793} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {942B1AE3-CF03-4280-BE7B-84B0CDAAB424} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\21.7.0.11\WSCStub.exe [2015-03-06] (Symantec Corporation)
Task: {9689EF70-9ACE-4191-B4FE-9544C106A6C7} - System32\Tasks\{A8232845-9F5C-4425-9DC2-78E85A8D34C3} => pcalua.exe -a C:\Users\Robert\Downloads\mp620svst64102ea24.exe -d C:\Users\Robert\Downloads
Task: {A490CD13-6372-42FE-BF4E-443905F508E9} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: {A92488FA-E132-418F-B85D-3618C09D7285} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {AF689C85-66C0-4F20-AD43-48F2B1E74C7E} - System32\Tasks\{BDB611A0-D2FF-4A8D-B14F-4AE3F3A204F3} => Iexplore.exe http://ui.skype.com/...?LastError=1603
Task: {B4BD1352-3438-4BBF-8BAF-5AD5FA1B2D71} - System32\Tasks\{A33D31FE-44A6-4DBD-8CDC-92625E358A28} => Iexplore.exe http://ui.skype.com/...e=tsProgressBar
Task: {B5FC3C39-713D-4619-95C7-EAD70594A8F8} - System32\Tasks\{BDA31843-2776-4496-959F-2DC1731900C2} => D:\Utility\setup.exe
Task: {B8801D40-4E25-4ADB-A546-3451E36767FD} - System32\Tasks\{854B46D3-1661-45BA-AC30-4FD19CE00AA6} => C:\Program Files\RegCleaner\RegCleanr.exe [2013-08-26] ()
Task: {BABC7B96-FC49-489D-8FD8-C47932194281} - System32\Tasks\{87CF92ED-BB14-43F0-998C-75848261D14A} => C:\FTW\FTW.exe [2002-06-28] (Genealogy.com, LLC)
Task: {BEC04487-B927-4BC6-93FD-687D6158C07F} - System32\Tasks\GoogleUpdateTaskMachineCore1d041588543f030 => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-30] (Google Inc.)
Task: {C2E8314A-3248-45A9-B2CD-F00C41389EB0} - \DSite No Task File <==== ATTENTION
Task: {C781EF99-F779-47A7-8592-A599EA752442} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {C96AC748-894E-4020-860C-C52AFCBD6064} - System32\Tasks\{8E3F005C-D71E-4158-83D6-50BA9BB435A0} => C:\Users\Robert\Downloads\youtube-download-manager_1.0.exe
Task: {D1FCCD85-FFD7-4447-8E65-D1F412D77E38} - System32\Tasks\RegCure Pro Startup => C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe
Task: {D3F293FA-8B9F-47BB-88E6-7EFEBAF8A892} - System32\Tasks\GoogleUpdateTaskMachineUA1d04158885efb70 => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-30] (Google Inc.)
Task: {DEA73AC4-906B-4EE4-BFCD-F9AF6940F1E5} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {E1FCBCA2-BB7A-47CE-A2E9-599139ACF1DD} - System32\Tasks\{77ED3619-F236-4B3A-9562-881EFB251373} => pcalua.exe -a "C:\Users\Robert\Desktop\2014 TREE\Family Tree Maker 2014\artpschd.exe" -d "C:\Users\Robert\Desktop\2014 TREE\Family Tree Maker 2014"
Task: {EB5250A5-2BB4-4E3E-9892-D3B6431F7B84} - System32\Tasks\{458560A8-A7E2-410D-B3D0-01EE6345771B} => C:\Users\Robert\Downloads\youtube-download-manager_1.0.exe
Task: {EDC1A675-9109-404C-B11A-4AADECED12C5} - System32\Tasks\{DC843385-F374-4688-8E74-5D724E931190} => C:\Users\Robert\Desktop\FTM 2014 (207)\setup.exe [2013-08-16] (Ancestry.com, Inc.                                                                                                                                                                                                                                                                                          )
Task: {EDC26971-8131-4BDF-8EB3-0A3AA35A7AA9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {F03B5FBD-DD49-4E21-8DF1-FAAFE4837152} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {F43991D4-5D1C-4FB8-A17F-EB68BCE4DBF1} - System32\Tasks\{020FF1F9-063D-4E3B-9BC5-E74511E9D7EA} => D:\Autorun.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d041588543f030.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d04158885efb70.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\RegCure Pro Startup.job => C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe8C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe
Task: C:\Windows\Tasks\RegCure Pro.job => C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe
Task: C:\Windows\Tasks\shield check.job => C:\Users\Robert\AppData\Local\Shield\checkhp.exe

==================== Loaded Modules (whitelisted) ==============

2014-12-10 04:31 - 2015-03-13 02:36 - 00065696 _____ () C:\Program Files\Elex-tech\YAC\zlib1.dll
2014-12-10 04:31 - 2013-12-01 19:52 - 00176976 _____ () C:\Program Files\Elex-tech\YAC\tws\unrar.dll
2014-12-10 04:31 - 2013-12-11 06:12 - 00087744 _____ () C:\Program Files\Elex-tech\YAC\tws\unacev2.dll
2014-12-10 04:31 - 2015-03-13 02:36 - 00185672 _____ () C:\Program Files\Elex-tech\YAC\libpng.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-16 08:32 - 2008-01-22 10:35 - 00103808 _____ () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
2015-03-10 18:47 - 2015-03-10 18:47 - 00670808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
2015-03-10 18:49 - 2015-03-10 18:49 - 00090128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_thread-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00022032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_system-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00029712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_chrono-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00048152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_date_time-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00110104 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_filesystem-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 10575360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareServiceKernel.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 02423264 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\RCF.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00634896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_regex-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00592896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareActivation.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00415760 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareApplicationUpdater.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00640512 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareGamingMode.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00087536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareReset.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00104944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTime.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00770064 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareDefinitionsUpdater.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00692768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareDefinitionsUpdaterScheduler.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00866304 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareIgnoreList.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00217600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareQuarantine.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00806408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiMalwareEngine.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00182280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiRootkitEngine.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00873480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScannerHistory.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 01019896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScanner.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00030224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_timer-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00769544 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScannerScheduler.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00897040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareRealTimeProtection.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00194048 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareIncompatibles.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00711672 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiSpam.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00677376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiPhishing.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 02370056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareParentalControl.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 02667008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareWebProtection.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 01013768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareEmailProtection.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00046616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_iostreams-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00998408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareNetworkProtection.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00766960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwarePromo.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00304632 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareFeedback.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 02125840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareThreatWorkAlliance.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00973304 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwarePinCode.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00767480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareNotice.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00767480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAvcEngine.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00928280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareRealTimeProtectionHistory.dll
2013-04-26 03:01 - 2015-01-30 17:48 - 00078480 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 02563592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareShellExtension.dll
2013-08-13 15:44 - 2013-03-25 10:57 - 00153088 _____ () C:\Windows\System32\AiCM32.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 08216048 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
2015-03-10 18:49 - 2015-03-10 18:49 - 00405520 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_locale-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 01632248 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\HtmlFramework.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00870408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTrayDefaultSkin.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:ECF54A0E

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LMIRescue_1075bab0-567b-4c1d-b3d0-af63858b3623 => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3276278619-1820661984-955229075-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: LMIRescue_1075bab0-567b-4c1d-b3d0-af63858b3623 => 2
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

==================== Faulty Device Manager Devices =============

Name: ssnfd
Description: ssnfd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ssnfd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Canon MP620 ser Network
Description: Canon MP620 ser Network
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Canon
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/24/2015 09:25:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15584

Error: (04/24/2015 09:25:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15584

Error: (04/24/2015 09:25:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/24/2015 03:04:09 AM) (Source: MsiInstaller) (EventID: 1023) (User: NT AUTHORITY)
Description: Product: Microsoft Office Basic 2007 - Update 'Security Update for Microsoft Office Excel 2007 (KB2956103) 32-Bit Edition ' could not be installed. Error code 1603. Additional information is available in the log file C:\Windows\TEMP\MSI1ac84.LOG.

Error: (04/24/2015 03:03:51 AM) (Source: MsiInstaller) (EventID: 11402) (User: NT AUTHORITY)
Description: Product: Microsoft Office Basic 2007 -- Error 1402.Setup cannot open the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL.  Verify that you have sufficient permissions to access the registry or contact Microsoft Product Support Services (PSS) for assistance.  For information about how to contact PSS, seePSS10R.CHM.

Error: (04/24/2015 03:02:50 AM) (Source: MsiInstaller) (EventID: 1023) (User: NT AUTHORITY)
Description: Product: Microsoft Office Basic 2007 - Update 'Security Update for Microsoft Office Word 2007 (KB2965284) 32-Bit Edition ' could not be installed. Error code 1603. Additional information is available in the log file C:\Windows\TEMP\MSI537c.LOG.

Error: (04/24/2015 03:02:31 AM) (Source: MsiInstaller) (EventID: 11402) (User: NT AUTHORITY)
Description: Product: Microsoft Office Basic 2007 -- Error 1402.Setup cannot open the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL.  Verify that you have sufficient permissions to access the registry or contact Microsoft Product Support Services (PSS) for assistance.  For information about how to contact PSS, seePSS10R.CHM.

Error: (04/23/2015 09:10:12 PM) (Source: MsiInstaller) (EventID: 11402) (User: Robert-PC)
Description: Product: Family Tree Maker 2014 -- Error 1402. Could not open key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION.  System error 5.  Verify that you have sufficient access to that key, or contact your support personnel.

Error: (04/23/2015 09:08:15 PM) (Source: MsiInstaller) (EventID: 11311) (User: Robert-PC)
Description: Product: Microsoft Primary Interoperability Assemblies 2005 -- Error 1311.Source file not found(cabinet): C:\Users\Robert\AppData\Local\Temp\mia1\VS_20051.cab.  Verify that the file exists and that you can access it.

Error: (04/23/2015 09:04:57 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: Robert-PC)
Description: Windows cannot log you on because your profile cannot be loaded. Check that you are connected to the network, and that your network is functioning correctly.

 DETAIL - Only part of a ReadProcessMemory or WriteProcessMemory request was completed.


System errors:
=============
Error: (04/24/2015 03:04:14 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office Excel 2007 (KB2956103).

Error: (04/24/2015 03:02:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office Word 2007 (KB2965284).

Error: (04/23/2015 07:41:52 PM) (Source: WAS) (EventID: 5002) (User: )
Description: Application pool 'DefaultAppPool' is being automatically disabled due to a series of failures in the process(es) serving that application pool.

Error: (04/23/2015 00:34:42 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (04/23/2015 00:29:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE
ssnfd

Error: (04/23/2015 11:58:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (04/23/2015 06:16:59 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (04/23/2015 03:03:33 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office Excel 2007 (KB2956103).

Error: (04/23/2015 03:01:44 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office Word 2007 (KB2965284).

Error: (04/23/2015 00:39:07 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
%%5


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: AMD Athlon™ II X2 250u Processor
Percentage of memory in use: 45%
Total physical RAM: 2815.37 MB
Available physical RAM: 1521.88 MB
Total Pagefile: 5629.03 MB
Available Pagefile: 3390.82 MB
Total Virtual: 2047.88 MB
Available Virtual: 1891.03 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.65 GB) (Free:8.33 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: A96677F4)
Partition 1: (Active) - (Size=97.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, first could you uninstall the following programmes, if one does not uninstall then proceed to the next one :
 
GreatArcadeHits
Shopping Helper Smartbar
Shopping Helper Smartbar
YAC(Yet Another Cleaner!)
Ad-Aware Antivirus


CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3276278619-1820661984-955229075-1002\User: Group Policy restriction detected <======= ATTENTION
CHR HKU\S-1-5-21-3276278619-1820661984-955229075-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3276278619-1820661984-955229075-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/...e={installDate}
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...q={searchTerms}
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...mVlZC5zbmFwLmRv
SearchScopes: HKU\.DEFAULT -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snap.do/...e={installDate}
SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...mVlZC5zbmFwLmRv
SearchScopes: HKU\S-1-5-21-3276278619-1820661984-955229075-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...3d3LmJpbmcuY29t
SearchScopes: HKU\S-1-5-21-3276278619-1820661984-955229075-1002 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3276278619-1820661984-955229075-1002 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...q={searchTerms}
BHO: DustApps -> {0622D1AC-7D62-42F9-8393-A66E32146E0C} -> C:\Windows\system32\config\systemprofile\AppData\Local\DustApps\plugin.dll [2015-01-26] (MicroApps Ltd)
BHO: No Name -> {0aedcac0-4262-4e14-8391-7b460f011e11} -> No File
BHO: No Name -> {6C8DB2EC-499B-4897-A784-0E3186C97E9D} -> No File
BHO: No Name -> {8D8A9A55-50B0-3B66-FE2F-D233F9581F59} -> No File
BHO: No Name -> {B23B1CB5-EC0D-65C9-464E-21EF02A28BCA} -> No File
BHO: No Name -> {D0C21091-FF8E-432C-9006-0540E81BA9D7} -> No File
FF SearchEngineOrder.1: V9
FF SelectedSearchEngine: V9
FF SearchPlugin: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\52jh52ti.default-1391411894818\searchplugins\V9.xml [2015-01-29]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\[email protected] [2015-04-21]
FF HKU\.DEFAULT\...\FIREFOX\Extensions: [{B21F5E31-B8E8-41CD-B74C-168A71A10E49}] - C:\Windows\system32\config\systemprofile\AppData\Local\GreatArcadeHits\gahff.xpi
FF Extension: No Name - C:\Windows\system32\config\systemprofile\AppData\Local\GreatArcadeHits\gahff.xpi [2013-12-06]
CHR HKLM\...\Chrome\Extension: [kjodcnfbgeogobpbgjgchiakhlhbepmm] - No Path Or update_url value
R2 iSafeService; C:\Program Files\Elex-tech\YAC\iSafeSvc.exe [118048 2015-03-13] (Elex do Brasil Participações Ltda)
R1 iSafeKrnl; C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys [215336 2015-03-13] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [40744 2015-03-13] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys [83752 2015-03-13] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [34856 2015-03-13] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys [63400 2015-03-13] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [44712 2015-02-16] (Elex do Brasil Participações Ltda)
2015-04-23 12:38 - 2013-09-28 16:09 - 00000472 _____ () C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2015-04-23 12:38 - 2013-09-28 16:09 - 00000438 _____ () C:\Windows\Tasks\RegCure Pro Startup.job
2015-04-23 15:32 - 2013-04-18 15:30 - 00000330 _____ () C:\Windows\Tasks\shield check.job
2015-04-21 22:21 - 2013-09-28 16:09 - 00000388 _____ () C:\Windows\Tasks\RegCure Pro.job
CustomCLSID: HKU\S-1-5-21-3276278619-1820661984-955229075-1000_Classes\CLSID\{32C9A4A8-63FE-4F4F-8821-FC56C31512AB}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3276278619-1820661984-955229075-1000_Classes\CLSID\{503E492B-C90C-4E23-842B-EB05CDA61DC9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3276278619-1820661984-955229075-1000_Classes\CLSID\{BBB18E3D-5523-4A93-A859-96EFCB603D7B}\InprocServer32 -> No File Path
Task: {0807B990-9229-4713-ABA0-0AC4A95D4E05} - System32\Tasks\shield check => C:\Users\Robert\AppData\Local\Shield\checkhp.exe
Task: {51754FA5-885C-41A2-BB3E-A99FF0598DD2} - \AmiUpdXp No Task File <==== ATTENTION
Task: {6DC51CA0-F726-496E-9B76-DB8F2AA5C287} - System32\Tasks\{4FC2D73E-E121-4E63-83F3-85AEBA51587B} => C:\Users\Robert\Downloads\youtube-download-manager_1.0.exe
Task: {C2E8314A-3248-45A9-B2CD-F00C41389EB0} - \DSite No Task File <==== ATTENTION
Task: {EB5250A5-2BB4-4E3E-9892-D3B6431F7B84} - System32\Tasks\{458560A8-A7E2-410D-B3D0-01EE6345771B} => C:\Users\Robert\Downloads\youtube-download-manager_1.0.exe
C:\Users\Robert\AppData\Local\Shield
C:\Program Files\Elex-tech
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0

#3
bnkplus2

bnkplus2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts

I uninstalled what you said to and the only one that did not uninstall was the Shopping Helper Smartbar, but her is the fixlog-

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 23-04-2015 02
Ran by Robert at 2015-04-24 13:17:33 Run:1
Running from C:\Users\Robert\Desktop
Loaded Profiles: Robert & UpdatusUser (Available profiles: Robert & UpdatusUser)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
CreateRestorePoint:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3276278619-1820661984-955229075-1002\User: Group Policy restriction detected <======= ATTENTION
CHR HKU\S-1-5-21-3276278619-1820661984-955229075-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3276278619-1820661984-955229075-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/...e={installDate}
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...q={searchTerms}
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...mVlZC5zbmFwLmRv
SearchScopes: HKU\.DEFAULT -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snap.do/...e={installDate}
SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...mVlZC5zbmFwLmRv
SearchScopes: HKU\S-1-5-21-3276278619-1820661984-955229075-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...3d3LmJpbmcuY29t
SearchScopes: HKU\S-1-5-21-3276278619-1820661984-955229075-1002 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3276278619-1820661984-955229075-1002 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...q={searchTerms}
BHO: DustApps -> {0622D1AC-7D62-42F9-8393-A66E32146E0C} -> C:\Windows\system32\config\systemprofile\AppData\Local\DustApps\plugin.dll [2015-01-26] (MicroApps Ltd)
BHO: No Name -> {0aedcac0-4262-4e14-8391-7b460f011e11} -> No File
BHO: No Name -> {6C8DB2EC-499B-4897-A784-0E3186C97E9D} -> No File
BHO: No Name -> {8D8A9A55-50B0-3B66-FE2F-D233F9581F59} -> No File
BHO: No Name -> {B23B1CB5-EC0D-65C9-464E-21EF02A28BCA} -> No File
BHO: No Name -> {D0C21091-FF8E-432C-9006-0540E81BA9D7} -> No File
FF SearchEngineOrder.1: V9
FF SelectedSearchEngine: V9
FF SearchPlugin: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\52jh52ti.default-1391411894818\searchplugins\V9.xml [2015-01-29]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\[email protected] [2015-04-21]
FF HKU\.DEFAULT\...\FIREFOX\Extensions: [{B21F5E31-B8E8-41CD-B74C-168A71A10E49}] - C:\Windows\system32\config\systemprofile\AppData\Local\GreatArcadeHits\gahff.xpi
FF Extension: No Name - C:\Windows\system32\config\systemprofile\AppData\Local\GreatArcadeHits\gahff.xpi [2013-12-06]
CHR HKLM\...\Chrome\Extension: [kjodcnfbgeogobpbgjgchiakhlhbepmm] - No Path Or update_url value
R2 iSafeService; C:\Program Files\Elex-tech\YAC\iSafeSvc.exe [118048 2015-03-13] (Elex do Brasil Participações Ltda)
R1 iSafeKrnl; C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys [215336 2015-03-13] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [40744 2015-03-13] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys [83752 2015-03-13] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [34856 2015-03-13] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys [63400 2015-03-13] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [44712 2015-02-16] (Elex do Brasil Participações Ltda)
2015-04-23 12:38 - 2013-09-28 16:09 - 00000472 _____ () C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2015-04-23 12:38 - 2013-09-28 16:09 - 00000438 _____ () C:\Windows\Tasks\RegCure Pro Startup.job
2015-04-23 15:32 - 2013-04-18 15:30 - 00000330 _____ () C:\Windows\Tasks\shield check.job
2015-04-21 22:21 - 2013-09-28 16:09 - 00000388 _____ () C:\Windows\Tasks\RegCure Pro.job
CustomCLSID: HKU\S-1-5-21-3276278619-1820661984-955229075-1000_Classes\CLSID\{32C9A4A8-63FE-4F4F-8821-FC56C31512AB}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3276278619-1820661984-955229075-1000_Classes\CLSID\{503E492B-C90C-4E23-842B-EB05CDA61DC9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3276278619-1820661984-955229075-1000_Classes\CLSID\{BBB18E3D-5523-4A93-A859-96EFCB603D7B}\InprocServer32 -> No File Path
Task: {0807B990-9229-4713-ABA0-0AC4A95D4E05} - System32\Tasks\shield check => C:\Users\Robert\AppData\Local\Shield\checkhp.exe
Task: {51754FA5-885C-41A2-BB3E-A99FF0598DD2} - \AmiUpdXp No Task File <==== ATTENTION
Task: {6DC51CA0-F726-496E-9B76-DB8F2AA5C287} - System32\Tasks\{4FC2D73E-E121-4E63-83F3-85AEBA51587B} => C:\Users\Robert\Downloads\youtube-download-manager_1.0.exe
Task: {C2E8314A-3248-45A9-B2CD-F00C41389EB0} - \DSite No Task File <==== ATTENTION
Task: {EB5250A5-2BB4-4E3E-9892-D3B6431F7B84} - System32\Tasks\{458560A8-A7E2-410D-B3D0-01EE6345771B} => C:\Users\Robert\Downloads\youtube-download-manager_1.0.exe
C:\Users\Robert\AppData\Local\Shield
C:\Program Files\Elex-tech
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************

Restore point was successfully created.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-3276278619-1820661984-955229075-1002\User => Moved successfully.
"HKU\S-1-5-21-3276278619-1820661984-955229075-1000\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-3276278619-1820661984-955229075-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Bar => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}" => Key deleted successfully.
HKCR\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}" => Key deleted successfully.
HKCR\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => Key not found.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}" => Key deleted successfully.
HKCR\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => Key not found.
"HKU\S-1-5-21-3276278619-1820661984-955229075-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}" => Key deleted successfully.
HKCR\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => Key not found.
HKU\S-1-5-21-3276278619-1820661984-955229075-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-3276278619-1820661984-955229075-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}" => Key deleted successfully.
HKCR\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0622D1AC-7D62-42F9-8393-A66E32146E0C}" => Key deleted successfully.
"HKCR\CLSID\{0622D1AC-7D62-42F9-8393-A66E32146E0C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0aedcac0-4262-4e14-8391-7b460f011e11}" => Key deleted successfully.
HKCR\CLSID\{0aedcac0-4262-4e14-8391-7b460f011e11} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C8DB2EC-499B-4897-A784-0E3186C97E9D}" => Key deleted successfully.
HKCR\CLSID\{6C8DB2EC-499B-4897-A784-0E3186C97E9D} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D8A9A55-50B0-3B66-FE2F-D233F9581F59}" => Key deleted successfully.
HKCR\CLSID\{8D8A9A55-50B0-3B66-FE2F-D233F9581F59} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B23B1CB5-EC0D-65C9-464E-21EF02A28BCA}" => Key deleted successfully.
HKCR\CLSID\{B23B1CB5-EC0D-65C9-464E-21EF02A28BCA} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0C21091-FF8E-432C-9006-0540E81BA9D7}" => Key deleted successfully.
HKCR\CLSID\{D0C21091-FF8E-432C-9006-0540E81BA9D7} => Key not found.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\52jh52ti.default-1391411894818\searchplugins\V9.xml => Moved successfully.
C:\Program Files\Mozilla Firefox\extensions\[email protected] => Moved successfully.
HKU\.DEFAULT\Software\Mozilla\FIREFOX\Extensions\\{B21F5E31-B8E8-41CD-B74C-168A71A10E49} => value deleted successfully.
C:\Windows\system32\config\systemprofile\AppData\Local\GreatArcadeHits\gahff.xpi => Moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\kjodcnfbgeogobpbgjgchiakhlhbepmm" => Key deleted successfully.
iSafeService => Service not found.
iSafeKrnl => Service not found.
iSafeKrnlBoot => Service not found.
iSafeKrnlKit => Service not found.
iSafeKrnlMon => Service deleted successfully.
iSafeKrnlR3 => Service not found.
iSafeNetFilter => Service not found.
C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => Moved successfully.
C:\Windows\Tasks\RegCure Pro Startup.job => Moved successfully.
C:\Windows\Tasks\shield check.job => Moved successfully.
C:\Windows\Tasks\RegCure Pro.job => Moved successfully.
"HKU\S-1-5-21-3276278619-1820661984-955229075-1000_Classes\CLSID\{32C9A4A8-63FE-4F4F-8821-FC56C31512AB}" => Key deleted successfully.
"HKU\S-1-5-21-3276278619-1820661984-955229075-1000_Classes\CLSID\{503E492B-C90C-4E23-842B-EB05CDA61DC9}" => Key deleted successfully.
"HKU\S-1-5-21-3276278619-1820661984-955229075-1000_Classes\CLSID\{BBB18E3D-5523-4A93-A859-96EFCB603D7B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0807B990-9229-4713-ABA0-0AC4A95D4E05}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0807B990-9229-4713-ABA0-0AC4A95D4E05}" => Key deleted successfully.
C:\Windows\System32\Tasks\shield check => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\shield check" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{51754FA5-885C-41A2-BB3E-A99FF0598DD2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51754FA5-885C-41A2-BB3E-A99FF0598DD2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AmiUpdXp" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6DC51CA0-F726-496E-9B76-DB8F2AA5C287}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DC51CA0-F726-496E-9B76-DB8F2AA5C287}" => Key deleted successfully.
C:\Windows\System32\Tasks\{4FC2D73E-E121-4E63-83F3-85AEBA51587B} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4FC2D73E-E121-4E63-83F3-85AEBA51587B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C2E8314A-3248-45A9-B2CD-F00C41389EB0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2E8314A-3248-45A9-B2CD-F00C41389EB0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DSite" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB5250A5-2BB4-4E3E-9892-D3B6431F7B84}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB5250A5-2BB4-4E3E-9892-D3B6431F7B84}" => Key deleted successfully.
C:\Windows\System32\Tasks\{458560A8-A7E2-410D-B3D0-01EE6345771B} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{458560A8-A7E2-410D-B3D0-01EE6345771B}" => Key deleted successfully.
C:\Users\Robert\AppData\Local\Shield => Moved successfully.
"C:\Program Files\Elex-tech" => File/Directory not found.

=========  bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

{9767C550-9088-4825-B07C-7E4AE60018BB} canceled.
1 out of 1 jobs canceled.

========= End of CMD: =========

EmptyTemp: => Removed 20.2 GB temporary data.


The system needed a reboot.

==== End of Fixlog 13:20:27 ====


  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you run adwcleaner and then try to install the programme, let me know what errors you get
  • 0

#5
bnkplus2

bnkplus2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts

Yes I did here is the log-

# AdwCleaner v4.202 - Logfile created 24/04/2015 at 13:45:27
# Updated 23/04/2015 by Xplode
# Database : 2015-04-23.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Robert - ROBERT-PC
# Running from : C:\Users\Robert\Desktop\adwcleaner_4.202.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\SaveClicker
Folder Deleted : C:\ProgramData\cbc7095e1fb3d805
Folder Deleted : C:\Program Files\SaveClicker
Folder Deleted : C:\Windows\system32\config\systemprofile\AppData\Roaming\iSafe
Folder Deleted : C:\Windows\system32\config\systemprofile\AppData\Roaming\newnext.me
Folder Deleted : C:\Windows\system32\config\systemprofile\AppData\Local\Conduit
Folder Deleted : C:\Windows\system32\config\systemprofile\AppData\Local\genienext
Folder Deleted : C:\Windows\system32\config\systemprofile\AppData\Local\GreatArcadeHits
Folder Deleted : C:\Windows\system32\config\systemprofile\AppData\Local\Hyper Browser
Folder Deleted : C:\Windows\system32\config\systemprofile\AppData\Local\Local_Weather_LLC
Folder Deleted : C:\Windows\system32\config\systemprofile\AppData\Local\Mobogenie
Folder Deleted : C:\Windows\system32\config\systemprofile\AppData\Local\Smartbar
Folder Deleted : C:\Windows\system32\config\systemprofile\AppData\Local\SwvUpdater
Folder Deleted : C:\Windows\system32\config\systemprofile\AppData\Local\TidyNetwork
Folder Deleted : C:\Windows\system32\config\systemprofile\AppData\Local\WeatherAlerts
Folder Deleted : C:\Users\Robert\AppData\Local\PackageAware
Folder Deleted : C:\Users\Robert\AppData\Roaming\SparkTrust
Folder Deleted : C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\52jh52ti.default-1391411894818\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Deleted : C:\Users\DefaultAppPool.IIS APPPOOL\AppData\Roaming\Mozilla\Firefox\Profiles\fae7eoc4.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
Folder Deleted : C:\Users\DefaultAppPool.IIS APPPOOL.001\AppData\Roaming\Mozilla\Firefox\Profiles\fae7eoc4.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
Folder Deleted : C:\Users\DefaultAppPool.IIS APPPOOL.002\AppData\Roaming\Mozilla\Firefox\Profiles\fae7eoc4.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
Folder Deleted : C:\Users\TEMP.IIS APPPOOL.001\AppData\Roaming\Mozilla\Firefox\Profiles\fae7eoc4.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
Folder Deleted : C:\Users\TEMP.Robert-PC\AppData\Roaming\Mozilla\Firefox\Profiles\fae7eoc4.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
Folder Deleted : C:\Users\TEMP.Robert-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\fae7eoc4.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
File Deleted : C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\b9zg5gzs.default-1391371439852\user.js
File Deleted : C:\Program Files\Mozilla Firefox\defaults\pref\itms.js

***** [ Scheduled tasks ] *****

Task Deleted : ParetoLogic Update Version3 Startup Task

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Key Deleted : HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\iSafeSvc2.exe
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3277370
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3279141
Key Deleted : HKCU\Software\V9
Key Deleted : HKCU\Software\Local AppWizard-Generated Applications
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKU\.DEFAULT\Software\Conduit
Key Deleted : HKU\.DEFAULT\Software\RegisteredApplicationsEx
Key Deleted : HKU\.DEFAULT\Software\smartbarbackup
Key Deleted : HKU\.DEFAULT\Software\smartbarlog
Key Deleted : HKU\.DEFAULT\Software\Tutorials
Key Deleted : HKU\.DEFAULT\Software\Elex-tech
Key Deleted : HKU\.DEFAULT\Software\WeatherAlerts
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E3CE881D-94D9-435A-9DEA-EBB5390BC2CC}

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17728


-\\ Mozilla Firefox v37.0.2 (x86 en-US)

[52jh52ti.default-1391411894818\prefs.js] - Line Deleted : user_pref("yahoo.ytff.toolbar.orignaldefaultenginename", "Trovi search");
[52jh52ti.default-1391411894818\prefs.js] - Line Deleted : user_pref("yahoo.ytff.toolbar.orignalselectedEngine", "Trovi search");

*************************

AdwCleaner[R0].txt - [4560 bytes] - [24/04/2015 13:42:40]
AdwCleaner[S0].txt - [4593 bytes] - [24/04/2015 13:45:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4652  bytes] ##########
 


  • 0

#6
bnkplus2

bnkplus2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts

Now what?


  • 0

#7
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you now try and install the programme and let me know if the same error occurs
  • 0

#8
bnkplus2

bnkplus2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts

Yes!  I got the same error.


  • 0

#9
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets now try to install from a clean boot

Step 1: Start MSConfig

Click Start, type msconfig in the Start Search box, and then press ENTER.
If you are prompted for an administrator password or for a confirmation, type the password, or provide confirmation.

Step 2: Configure Selective Startup options

1.In the System Configuration Utility dialog box, click Selective Startup on the General tab.

Cleanboot1.JPG

2.Click to clear the Load Startup Items check box.
Note The Use Original Boot.ini check box is unavailable.

3.Click the Services tab.

cleanboot2.JPG

4.Click to select the Hide All Microsoft Services check box.
5.Click Disable All, and then click OK.
6. When you are prompted, click Restart.

Now retry the programme, does it install
  • 0

#10
bnkplus2

bnkplus2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts

No it stops at same place and same message appears.


  • 0

Advertisements


#11
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK reverse the previous procedure to revert to normal boot, enable all services

Download Windows All In One Repair from Tweaking.com to your desktop
Install the programme

Reboot to safe mode with networking
Run Windows All In One
Select Step 2
Select open Pre-repairs scan then click scan
Let that complete
Save the results to a text file on your desktop

waioprescan.JPG

Next select Step 5 and back up the registry

waioregback.JPG

Open the Repairs tab

waioopenrep.JPG

Select the following repair numbers :

1

Set the system to reboot on completion
The press Start Repairs

waiorepair.JPG
  • 0

#12
bnkplus2

bnkplus2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts

how do I run in safe mode?  I ran it in the normal mode and when I did the back up and restore, it failed the back up.  Here is the log

 

[4/26/2015 - 3:01:29 AM] System Variables
[4/26/2015 - 3:01:29 AM] --------------------------------------------------------------------------------
[4/26/2015 - 3:01:29 AM] Use Fallback Backup Method: 1 (0 = No, 1 = Yes)
[4/26/2015 - 3:01:29 AM] VSS exe To Use: vss_7_8_2008_2012_32.exe
[4/26/2015 - 3:01:29 AM] Windows Drive: C:
[4/26/2015 - 3:01:29 AM] Windows Folder: Windows
[4/26/2015 - 3:01:29 AM] Windows Path: C:\Windows
[4/26/2015 - 3:01:29 AM] Registry File Location: C:\Windows\System32\Config
[4/26/2015 - 3:01:29 AM] Current Profile: C:\Users\Robert
[4/26/2015 - 3:01:29 AM] Current Profile SID: S-1-5-21-3276278619-1820661984-955229075-1000
[4/26/2015 - 3:01:29 AM] Current Profile Classes: S-1-5-21-3276278619-1820661984-955229075-1000_Classes
[4/26/2015 - 3:01:29 AM] Profiles Location: C:\Users
[4/26/2015 - 3:01:29 AM] Profiles Location 2: C:\Windows\ServiceProfiles
[4/26/2015 - 3:01:29 AM] Local Settings AppData: AppData\Local
[4/26/2015 - 3:01:29 AM] Computer Name: ROBERT-PC
[4/26/2015 - 3:01:29 AM] OS: Windows 7 Home Premium (32-bit)
[4/26/2015 - 3:01:29 AM] OS Architecture: 32-bit
[4/26/2015 - 3:01:29 AM] OS Version: 6.1.7601
[4/26/2015 - 3:01:29 AM] OS Service Pack: Service Pack 1
[4/26/2015 - 3:01:29 AM] --------------------------------------------------------------------------------

[4/26/2015 - 3:01:29 AM] Backup Location: C:\RegBackup\

[4/26/2015 - 3:01:29 AM] Auto Delete Old Backups Enabled, Working...
[4/26/2015 - 3:01:29 AM] --------------------------------------------------------------------------------
[4/26/2015 - 3:01:29 AM] --------------------------------------------------------------------------------

[4/26/2015 - 3:01:29 AM] Starting Backup...

[4/26/2015 - 3:01:29 AM] Files To Backup:
[4/26/2015 - 3:01:29 AM] --------------------------------------------------------------------------------
[4/26/2015 - 3:01:29 AM] C:\Windows\System32\Config\components
[4/26/2015 - 3:01:29 AM] C:\Windows\System32\Config\default
[4/26/2015 - 3:01:29 AM] C:\Windows\System32\Config\sam
[4/26/2015 - 3:01:29 AM] C:\Windows\System32\Config\security
[4/26/2015 - 3:01:29 AM] C:\Windows\System32\Config\software
[4/26/2015 - 3:01:29 AM] C:\Windows\System32\Config\system
[4/26/2015 - 3:01:29 AM] C:\Users\Default\ntuser.dat
[4/26/2015 - 3:01:29 AM] C:\Users\Robert\AppData\Local\Microsoft\Windows\UsrClass.dat
[4/26/2015 - 3:01:29 AM] C:\Users\Robert\ntuser.dat
[4/26/2015 - 3:01:29 AM] C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\UsrClass.dat
[4/26/2015 - 3:01:29 AM] C:\Users\UpdatusUser\ntuser.dat
[4/26/2015 - 3:01:29 AM] C:\Windows\ServiceProfiles\LocalService\ntuser.dat
[4/26/2015 - 3:01:29 AM] C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
[4/26/2015 - 3:01:29 AM] --------------------------------------------------------------------------------

[4/26/2015 - 3:01:29 AM] Backing Up Files...:
[4/26/2015 - 3:01:29 AM] --------------------------------------------------------------------------------
[4/26/2015 - 3:01:29 AM] Using Fallback Backup Method.

[4/26/2015 - 3:01:30 AM] Backing Up File: C:\Windows\System32\Config\components
[4/26/2015 - 3:01:30 AM] Result: Successful (29.30 MB) - C:\RegBackup\ROBERT-PC\4.26.2015_3.01.29-AM\C\Windows\System32\Config\components

[4/26/2015 - 3:01:30 AM] Backing Up File: C:\Windows\System32\Config\default
[4/26/2015 - 3:01:31 AM] Result: Successful (1.22 MB) - C:\RegBackup\ROBERT-PC\4.26.2015_3.01.29-AM\C\Windows\System32\Config\default

[4/26/2015 - 3:01:31 AM] Backing Up File: C:\Windows\System32\Config\sam
[4/26/2015 - 3:01:31 AM] Result: Successful (100.00 KB) - C:\RegBackup\ROBERT-PC\4.26.2015_3.01.29-AM\C\Windows\System32\Config\sam

[4/26/2015 - 3:01:31 AM] Backing Up File: C:\Windows\System32\Config\security
[4/26/2015 - 3:01:31 AM] Result: Successful (36.00 KB) - C:\RegBackup\ROBERT-PC\4.26.2015_3.01.29-AM\C\Windows\System32\Config\security

[4/26/2015 - 3:01:31 AM] Backing Up File: C:\Windows\System32\Config\software
[4/26/2015 - 3:01:36 AM] Result: Successful (47.23 MB) - C:\RegBackup\ROBERT-PC\4.26.2015_3.01.29-AM\C\Windows\System32\Config\software

[4/26/2015 - 3:01:36 AM] Backing Up File: C:\Windows\System32\Config\system
[4/26/2015 - 3:01:37 AM] Result: Successful (14.70 MB) - C:\RegBackup\ROBERT-PC\4.26.2015_3.01.29-AM\C\Windows\System32\Config\system

[4/26/2015 - 3:01:37 AM] Backing Up File: C:\Users\Default\ntuser.dat
[4/26/2015 - 3:01:37 AM] Result: Successful (256.00 KB) - C:\RegBackup\ROBERT-PC\4.26.2015_3.01.29-AM\C\Users\Default\ntuser.dat

[4/26/2015 - 3:01:37 AM] Backing Up File: C:\Users\Robert\AppData\Local\Microsoft\Windows\UsrClass.dat
[4/26/2015 - 3:01:38 AM] Result: Successful (4.83 MB) - C:\RegBackup\ROBERT-PC\4.26.2015_3.01.29-AM\C\Users\Robert\AppData\Local\Microsoft\Windows\UsrClass.dat

[4/26/2015 - 3:01:38 AM] Backing Up File: C:\Users\Robert\ntuser.dat
[4/26/2015 - 3:01:38 AM] Result: Successful (3.89 MB) - C:\RegBackup\ROBERT-PC\4.26.2015_3.01.29-AM\C\Users\Robert\ntuser.dat

[4/26/2015 - 3:01:38 AM] Backing Up File: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\UsrClass.dat
[4/26/2015 - 3:01:38 AM] Result: Failed - Error: -1 (API Reg Save Failed (), Tried File Copy, File In use, Cannot copy.)

[4/26/2015 - 3:01:38 AM] Backing Up File: C:\Users\UpdatusUser\ntuser.dat
[4/26/2015 - 3:01:38 AM] Result: Failed - Error: -1 (API Reg Save Failed (), Tried File Copy, File In use, Cannot copy.)

[4/26/2015 - 3:01:38 AM] Backing Up File: C:\Windows\ServiceProfiles\LocalService\ntuser.dat
[4/26/2015 - 3:01:38 AM] Result: Successful (252.00 KB) - C:\RegBackup\ROBERT-PC\4.26.2015_3.01.29-AM\C\Windows\ServiceProfiles\LocalService\ntuser.dat

[4/26/2015 - 3:01:38 AM] Backing Up File: C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
[4/26/2015 - 3:01:38 AM] Result: Successful (264.00 KB) - C:\RegBackup\ROBERT-PC\4.26.2015_3.01.29-AM\C\Windows\ServiceProfiles\NetworkService\ntuser.dat

[4/26/2015 - 3:01:38 AM] Total Size: 102.05 MB

[4/26/2015 - 3:01:38 AM] --------------------------------------------------------------------------------

[4/26/2015 - 3:01:38 AM] Creating DOS restore bat file for use in the Windows Recovery Console:
[4/26/2015 - 3:01:38 AM] --------------------------------------------------------------------------------
[4/26/2015 - 3:01:38 AM] Already Exists: C:\Windows\tweaking.com-regbackup-ROBERT-PC-Windows-7-Home-Premium-(32-bit).dat for use in the dos_restore.cmd file
[4/26/2015 - 3:01:39 AM] Done: C:\RegBackup\ROBERT-PC\4.26.2015_3.01.29-AM\dos_restore.cmd


Edited by bnkplus2, 26 April 2015 - 04:06 AM.

  • 0

#13
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Reboot the computer and immediately press and hold F8
A menu will then appear
Select safe mode with networking
  • 0

#14
bnkplus2

bnkplus2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts

Thank you for your time and assistance.  That worked!  I got to install my Family Tree Maker 2014.  Thank you again.


  • 0

#15
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Any further problems before I tidy up ?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP