Hi,
I was being assisted in the thread below for a permission issue when trying to install Family Tree Maker 2014, and Aura, who was assisting me, noticed that I had malware present on my system. He told me to come in this section to get checked and get them removed before he continues assisting me. Here's the link to the original thread:
http://www.geekstogo...wser-emulation/
-FRST.TXT LOG-
-ADDTIONS.TXT LOG-
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-04-2015 02
Ran by Robert (administrator) on ROBERT-PC on 24-04-2015 10:22:41
Running from C:\Users\Robert\Downloads
Loaded Profiles: Robert & UpdatusUser (Available profiles: Robert & UpdatusUser)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeSvc2.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.7.0.11\nis.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Elex do Brasil Participações Ltda) C:\Program Files\Elex-tech\YAC\iSafeTray.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1848648 2008-03-17] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe [8216048 2015-03-10] ()
HKU\S-1-5-21-3276278619-1820661984-955229075-1000\...\MountPoints2: {1b320c41-faf3-11e2-a4b7-4487fc6eccb9} - J:\MediaManager.exe
HKU\S-1-5-21-3276278619-1820661984-955229075-1000\...\MountPoints2: {cf7239cc-8756-11e4-a410-4487fc6eccb9} - J:\LaunchU3.exe -a
BootExecute: autocheck autochk * bootdelete
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3276278619-1820661984-955229075-1002\User: Group Policy restriction detected <======= ATTENTION
CHR HKU\S-1-5-21-3276278619-1820661984-955229075-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3276278619-1820661984-955229075-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/...e={installDate}
HKU\S-1-5-21-3276278619-1820661984-955229075-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3276278619-1820661984-955229075-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-3276278619-1820661984-955229075-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...q={searchTerms}
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...mVlZC5zbmFwLmRv
SearchScopes: HKU\.DEFAULT -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snap.do/...e={installDate}
SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...mVlZC5zbmFwLmRv
SearchScopes: HKU\S-1-5-21-3276278619-1820661984-955229075-1000 -> BA2399AACC0A463992F623C5C36305F5 URL = http://search.yahoo....rtPage?}&fr=ie8
SearchScopes: HKU\S-1-5-21-3276278619-1820661984-955229075-1000 -> {305B5C67-3051-4DA0-910E-2DD7F6EB732C} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3276278619-1820661984-955229075-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...3d3LmJpbmcuY29t
SearchScopes: HKU\S-1-5-21-3276278619-1820661984-955229075-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL =
SearchScopes: HKU\S-1-5-21-3276278619-1820661984-955229075-1002 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3276278619-1820661984-955229075-1002 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKU\S-1-5-21-3276278619-1820661984-955229075-1002 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = http://www.v9.com/we...q={searchTerms}
BHO: DustApps -> {0622D1AC-7D62-42F9-8393-A66E32146E0C} -> C:\Windows\system32\config\systemprofile\AppData\Local\DustApps\plugin.dll [2015-01-26] (MicroApps Ltd)
BHO: No Name -> {0aedcac0-4262-4e14-8391-7b460f011e11} -> No File
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: No Name -> {6C8DB2EC-499B-4897-A784-0E3186C97E9D} -> No File
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-04] (Symantec Corporation)
BHO: No Name -> {8D8A9A55-50B0-3B66-FE2F-D233F9581F59} -> No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: No Name -> {B23B1CB5-EC0D-65C9-464E-21EF02A28BCA} -> No File
BHO: No Name -> {D0C21091-FF8E-432C-9006-0540E81BA9D7} -> No File
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3276278619-1820661984-955229075-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\52jh52ti.default-1391411894818
FF DefaultSearchUrl:
FF SearchEngineOrder.1: V9
FF SelectedSearchEngine: V9
FF Homepage: https://www.yahoo.com/
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2013-08-28] (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: @unity3d.com/UnityPlayer,version=1.0 -> C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-02] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-02] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-12-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-12-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-12-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-12-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-12-23] (Apple Inc.)
FF SearchPlugin: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\52jh52ti.default-1391411894818\searchplugins\V9.xml [2015-01-29]
FF Extension: Yahoo! Toolbar - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\52jh52ti.default-1391411894818\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2015-03-19]
FF Extension: GameLinkExchange - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\52jh52ti.default-1391411894818\Extensions\[email protected] [2014-02-21]
FF Extension: Gamers Unite! Snag Bar - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\52jh52ti.default-1391411894818\Extensions\{afe43e80-0abc-4df2-81a0-3fe44b74abe8}.xpi [2014-02-18]
FF Extension: Adblock Plus - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\52jh52ti.default-1391411894818\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-24]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\[email protected] [2015-04-21]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Mozilla Firefox\extensions\[email protected]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Mozilla Firefox\extensions\[email protected]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\coFFPlgn [2015-04-23]
FF HKU\.DEFAULT\...\FIREFOX\Extensions: [{B21F5E31-B8E8-41CD-B74C-168A71A10E49}] - C:\Windows\system32\config\systemprofile\AppData\Local\GreatArcadeHits\gahff.xpi
FF Extension: No Name - C:\Windows\system32\config\systemprofile\AppData\Local\GreatArcadeHits\gahff.xpi [2013-12-06]
FF HKU\.DEFAULT\...\FIREFOX\Extensions: [{7996ce89-79ce-4cbc-a8e9-24505863e530}] - C:\Program Files\Select-N-Go\150.xpi
FF HKU\S-1-5-21-3276278619-1820661984-955229075-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Social Privacy\FF
FF HKU\S-1-5-21-3276278619-1820661984-955229075-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Unfriend Watcher\FF
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-04-21]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM\...\Chrome\Extension: [kjodcnfbgeogobpbgjgchiakhlhbepmm] - No Path Or update_url value
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-04-23]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 becldr3Service; C:\Program Files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [225280 2013-07-03] () [File not signed]
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
R2 iSafeService; C:\Program Files\Elex-tech\YAC\iSafeSvc.exe [118048 2015-03-13] (Elex do Brasil Participações Ltda)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe [670808 2015-03-10] ()
S4 LMIRescue_1075bab0-567b-4c1d-b3d0-af63858b3623; C:\Users\Robert\AppData\Local\LogMeIn Rescue Applet\LMIR0001.tmp\LMI_Rescue_srv.exe [3087664 2014-12-12] (LogMeIn, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)
R2 NIS; C:\Program Files\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-06] (Symantec Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.0.2.1\Definitions\BASHDefs\20130814.001\BHDrvx86.sys [1097304 2013-08-12] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1507000.00B\ccSetx86.sys [127064 2014-02-20] (Symantec Corporation)
R2 EAPPkt; C:\Windows\System32\DRIVERS\EAPPkt.sys [66048 2005-04-01] (Windows ® 2000 DDK provider) [File not signed]
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [43368 2013-05-23] (ThreatTrack Security)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2013-08-14] (GFI Software)
R1 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\21.0.2.1\Definitions\IPSDefs\20130805.011\IDSVix86.sys [392792 2013-08-05] (Symantec Corporation)
R1 iSafeKrnl; C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys [215336 2015-03-13] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [40744 2015-03-13] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys [83752 2015-03-13] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [34856 2015-03-13] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys [63400 2015-03-13] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [44712 2015-02-16] (Elex do Brasil Participações Ltda)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)
S3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.0.2.1\Definitions\VirusDefs\20130929.005\NAVENG.SYS [93272 2013-09-29] (Symantec Corporation)
S3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.0.2.1\Definitions\VirusDefs\20130929.005\NAVEX15.SYS [1612376 2013-09-29] (Symantec Corporation)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [10368 2006-05-23] (Padus, Inc.) [File not signed]
S3 SRTSP; C:\Windows\System32\Drivers\NIS\1507000.00B\SRTSP.SYS [664792 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1507000.00B\SRTSPX.SYS [32984 2014-08-25] (Symantec Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2014-01-30] ()
R0 SymDS; C:\Windows\System32\drivers\NIS\1507000.00B\SYMDS.SYS [367704 2013-07-31] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1507000.00B\SYMEFA.SYS [936152 2014-08-25] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2015-04-23] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1507000.00B\Ironx86.SYS [209624 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NIS\1507000.00B\SYMNETS.SYS [447704 2014-08-25] (Symantec Corporation)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [408280 2015-01-22] (BitDefender S.R.L.)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [X]
S1 ssnfd; system32\drivers\ssnfd.sys [X]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-24 10:22 - 2015-04-24 10:23 - 00019708 _____ () C:\Users\Robert\Downloads\FRST.txt
2015-04-24 10:22 - 2015-04-24 10:22 - 00000000 ____D () C:\FRST
2015-04-24 10:21 - 2015-04-24 10:21 - 00001098 _____ () C:\Users\Robert\Desktop\FRST.exe - Shortcut.lnk
2015-04-24 10:20 - 2015-04-24 10:20 - 01139200 _____ (Farbar) C:\Users\Robert\Downloads\FRST.exe
2015-04-24 08:14 - 2015-04-24 08:30 - 06691714 _____ () C:\Users\Robert\Downloads\bnkplus2_fddf91da.ZIP
2015-04-24 07:46 - 2015-04-24 07:46 - 00021558 _____ () C:\Users\Robert\Downloads\Result.txt
2015-04-24 07:43 - 2015-04-24 07:43 - 00402944 _____ (Farbar) C:\Users\Robert\Desktop\MiniToolBox.exe
2015-04-23 20:58 - 2015-04-23 20:58 - 00000000 ____D () C:\Users\TEMP.Robert-PC.000\AppData\Roaming\Mozilla
2015-04-23 20:58 - 2015-04-23 20:58 - 00000000 ____D () C:\Users\TEMP.Robert-PC.000
2015-04-23 19:41 - 2015-04-23 19:41 - 00000000 ____D () C:\Users\DefaultAppPool.IIS APPPOOL.005\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-23 19:41 - 2015-04-23 19:41 - 00000000 ____D () C:\Users\DefaultAppPool.IIS APPPOOL.005
2015-04-23 07:54 - 2015-04-23 12:29 - 00002321 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-04-23 07:54 - 2015-04-23 07:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-04-23 00:17 - 2015-04-23 00:17 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-04-23 00:06 - 2015-04-23 12:29 - 00002423 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2015-04-23 00:06 - 2015-04-23 00:06 - 00142936 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
2015-04-23 00:06 - 2015-04-23 00:06 - 00008194 _____ () C:\Windows\system32\Drivers\SYMEVENT.CAT
2015-04-23 00:06 - 2015-04-23 00:06 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2015-04-23 00:04 - 2015-04-23 12:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2015-04-23 00:04 - 2015-04-23 12:29 - 00000000 ____D () C:\Windows\system32\Drivers\NIS
2015-04-23 00:04 - 2015-04-23 00:04 - 00000000 ____D () C:\Program Files\Norton Internet Security
2015-04-22 12:37 - 2015-04-22 17:43 - 00000032 _____ () C:\Users\Robert\Desktop\Microsoft Support.txt
2015-04-22 00:19 - 2015-04-22 00:19 - 00000000 ____D () C:\Users\TEMP.Robert-PC\AppData\Roaming\Mozilla
2015-04-22 00:19 - 2015-04-22 00:19 - 00000000 ____D () C:\Users\TEMP.Robert-PC
2015-04-21 23:54 - 2015-04-21 23:54 - 00000000 ____D () C:\ProgramData\Skype
2015-04-21 23:50 - 2015-03-13 20:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-04-21 23:50 - 2015-03-13 20:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-04-21 23:50 - 2015-01-28 20:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-04-21 22:36 - 2015-04-21 22:40 - 00000000 ____D () C:\Users\Robert\Desktop\FTM 2014 (207)
2015-04-21 15:16 - 2015-04-21 15:16 - 00000000 ____D () C:\Users\Robert\AppData\Local\PackageAware
2015-04-21 03:18 - 2015-04-21 03:18 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-14 17:31 - 2015-03-22 20:06 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-14 17:31 - 2015-03-22 20:06 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-14 17:31 - 2015-03-22 20:06 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-14 17:31 - 2015-03-22 20:06 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-14 17:31 - 2015-03-22 20:06 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-14 17:31 - 2015-03-22 20:06 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-14 17:31 - 2015-03-22 20:06 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-14 17:31 - 2015-03-22 19:59 - 00896000 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-14 17:31 - 2015-03-16 22:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-14 17:31 - 2015-03-16 22:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-14 17:31 - 2015-03-16 22:01 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-14 17:31 - 2015-03-16 22:01 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-14 17:31 - 2015-03-16 21:59 - 01306112 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-14 17:31 - 2015-03-16 21:57 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-14 17:31 - 2015-03-16 21:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-14 17:31 - 2015-03-16 21:57 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-14 17:31 - 2015-03-16 21:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-14 17:31 - 2015-03-16 21:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-14 17:31 - 2015-03-16 21:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-14 17:31 - 2015-03-16 21:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-14 17:31 - 2015-03-16 21:57 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-14 17:31 - 2015-03-16 21:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-14 17:31 - 2015-03-16 21:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-14 17:31 - 2015-03-16 21:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-14 17:31 - 2015-03-16 21:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-14 17:31 - 2015-03-16 21:56 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-14 17:31 - 2015-03-16 21:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-14 17:31 - 2015-03-16 21:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-14 17:31 - 2015-03-16 21:56 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-14 17:31 - 2015-03-16 21:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-14 17:31 - 2015-03-16 21:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-14 17:31 - 2015-03-16 21:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-14 17:31 - 2015-03-16 21:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-14 17:31 - 2015-03-16 21:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-14 17:31 - 2015-03-16 21:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-14 17:31 - 2015-03-03 21:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-14 17:31 - 2015-03-03 21:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-14 17:30 - 2015-04-01 16:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-14 17:30 - 2015-03-12 20:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-14 17:30 - 2015-03-12 20:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-14 17:30 - 2015-03-12 20:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-14 17:30 - 2015-03-12 20:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-14 17:30 - 2015-03-12 20:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-14 17:30 - 2015-03-12 20:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-14 17:30 - 2015-03-12 20:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-14 17:30 - 2015-03-12 20:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-14 17:30 - 2015-03-12 20:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-14 17:30 - 2015-03-12 20:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-14 17:30 - 2015-03-12 20:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-14 17:30 - 2015-03-12 20:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-14 17:30 - 2015-03-12 20:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-14 17:30 - 2015-03-12 20:16 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-14 17:30 - 2015-03-12 20:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-14 17:30 - 2015-03-12 20:09 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-14 17:30 - 2015-03-12 20:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-14 17:30 - 2015-03-12 20:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 17:30 - 2015-03-12 19:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-14 17:30 - 2015-03-12 19:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-14 17:30 - 2015-03-12 19:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-14 17:30 - 2015-03-12 19:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-14 17:30 - 2015-03-12 19:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-14 17:30 - 2015-03-12 19:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-14 17:30 - 2015-03-12 19:43 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-14 17:30 - 2015-03-12 19:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-14 17:30 - 2015-03-12 19:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-14 17:30 - 2015-03-12 19:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-14 17:30 - 2015-03-12 19:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-14 17:30 - 2015-03-12 19:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-14 17:30 - 2015-03-04 21:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-14 17:29 - 2015-03-24 20:00 - 03088384 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-14 17:29 - 2015-03-24 20:00 - 02020864 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-14 17:29 - 2015-03-24 20:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-14 17:29 - 2015-03-24 20:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-14 17:29 - 2015-03-24 20:00 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-14 17:29 - 2015-03-24 20:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-14 17:29 - 2015-03-24 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-14 17:29 - 2015-03-24 20:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-14 17:29 - 2015-03-24 20:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-14 17:29 - 2015-03-24 20:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-14 17:29 - 2015-03-24 20:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 17:29 - 2015-03-09 20:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-14 17:29 - 2015-03-09 20:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-14 17:29 - 2015-02-24 20:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-04 03:06 - 2015-04-04 03:06 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-01 23:20 - 2015-04-01 23:20 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.001\AppData\Roaming\Mozilla
2015-04-01 23:20 - 2015-04-01 23:20 - 00000000 ____D () C:\Users\TEMP.IIS APPPOOL.001
2015-04-01 23:20 - 2015-04-01 23:20 - 00000000 ____D () C:\Users\DefaultAppPool.IIS APPPOOL.004\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-01 23:20 - 2015-04-01 23:20 - 00000000 ____D () C:\Users\DefaultAppPool.IIS APPPOOL.004
2015-04-01 23:19 - 2015-04-01 23:19 - 00000000 ____D () C:\Users\DefaultAppPool.IIS APPPOOL.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-01 23:19 - 2015-04-01 23:19 - 00000000 ____D () C:\Users\DefaultAppPool.IIS APPPOOL.003
2015-03-27 22:11 - 2015-03-27 22:11 - 00000000 ____D () C:\Users\DefaultAppPool.IIS APPPOOL.002\AppData\Roaming\Mozilla
2015-03-27 22:11 - 2015-03-27 22:11 - 00000000 ____D () C:\Users\DefaultAppPool.IIS APPPOOL.002
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-24 10:20 - 2009-07-13 21:34 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-24 10:20 - 2009-07-13 21:34 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-24 10:16 - 2013-10-30 10:07 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-24 10:10 - 2013-02-25 14:12 - 02029911 _____ () C:\Windows\WindowsUpdate.log
2015-04-24 10:09 - 2015-02-05 08:29 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d04158885efb70.job
2015-04-24 10:09 - 2013-02-25 23:28 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-24 07:48 - 2014-10-15 22:22 - 01072640 ___SH () C:\Users\Robert\Downloads\Thumbs.db
2015-04-24 07:42 - 2015-02-05 08:29 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d041588543f030.job
2015-04-24 03:04 - 2014-03-05 19:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-23 22:47 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\tracing
2015-04-23 21:10 - 2014-12-18 21:15 - 00000000 ____D () C:\Program Files\Family Tree Maker 2014
2015-04-23 15:32 - 2013-04-18 15:30 - 00000330 _____ () C:\Windows\Tasks\shield check.job
2015-04-23 12:38 - 2013-09-28 16:09 - 00000472 _____ () C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2015-04-23 12:38 - 2013-09-28 16:09 - 00000438 _____ () C:\Windows\Tasks\RegCure Pro Startup.job
2015-04-23 12:28 - 2014-12-04 03:35 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-04-23 12:28 - 2009-07-13 21:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-23 12:28 - 2009-07-13 21:39 - 00064168 _____ () C:\Windows\setupact.log
2015-04-23 01:00 - 2013-10-13 12:31 - 00689664 ___SH () C:\Users\Robert\Documents\Thumbs.db
2015-04-23 00:45 - 2013-09-29 19:18 - 00001285 _____ () C:\Users\Robert\Desktop\Norton Installation Files.lnk
2015-04-23 00:45 - 2013-09-29 19:18 - 00000000 ____D () C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-04-23 00:45 - 2013-09-29 19:18 - 00000000 ____D () C:\ProgramData\Norton
2015-04-23 00:28 - 2010-11-20 14:48 - 00884718 _____ () C:\Windows\PFRO.log
2015-04-23 00:20 - 2014-02-09 00:16 - 00000000 ____D () C:\TEMP
2015-04-23 00:19 - 2013-04-26 03:02 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-23 00:17 - 2013-04-12 03:01 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-23 00:09 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-04-22 23:57 - 2015-02-05 00:39 - 00000000 ____D () C:\Users\Robert\Desktop\2015-02-04
2015-04-22 23:50 - 2013-02-25 21:21 - 00000000 ____D () C:\Users\Robert
2015-04-22 17:38 - 2014-12-12 17:19 - 00000000 ____D () C:\Users\Robert\AppData\Local\LogMeIn Rescue Applet
2015-04-22 11:36 - 2013-10-09 08:40 - 00000000 ____D () C:\Users\Robert\AppData\Local\CrashDumps
2015-04-22 10:06 - 2015-01-05 18:43 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2015-04-21 22:21 - 2013-09-28 16:09 - 00000388 _____ () C:\Windows\Tasks\RegCure Pro.job
2015-04-21 22:21 - 2013-08-27 19:05 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-20 13:43 - 2010-11-20 14:01 - 00830844 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-20 01:11 - 2013-06-07 21:01 - 00000000 ___RD () C:\Users\Robert\Dropbox
2015-04-20 01:09 - 2014-12-14 16:01 - 00000000 ____D () C:\Users\Robert\Documents\RECORDS for JOHN BROWN BENNETT
2015-04-20 01:09 - 2014-12-14 15:19 - 00000000 ____D () C:\Users\Robert\Documents\RECORDS for JOHN GLENN CARTER
2015-04-20 00:16 - 2013-08-13 15:13 - 00000000 ____D () C:\Users\Robert\AppData\Local\Windows Live
2015-04-20 00:06 - 2014-12-14 15:34 - 00000000 ____D () C:\Users\Robert\Documents\RECORDS for PIETRO CERTO
2015-04-20 00:06 - 2014-12-14 15:01 - 00000000 ____D () C:\Users\Robert\Documents\RECORDS for SMITH DANIEL CARTER
2015-04-15 09:52 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\rescache
2015-04-15 09:51 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\AppCompat
2015-04-15 09:20 - 2009-07-13 19:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-15 07:10 - 2014-12-10 04:25 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 07:10 - 2014-05-06 03:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 03:45 - 2015-02-09 21:17 - 00000000 ____D () C:\Program Files\RubySlots
2015-04-15 03:17 - 2013-08-01 14:29 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 03:12 - 2013-02-28 13:47 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-14 17:27 - 2013-02-25 23:28 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-14 17:27 - 2013-02-25 23:28 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-12 09:45 - 2014-06-16 08:32 - 00000000 ____D () C:\ProgramData\CanonIJPLM
==================== Files in the root of some directories =======
2015-01-07 23:15 - 2015-01-07 23:15 - 0033193 _____ () C:\Users\Robert\AppData\Roaming\UserTile.png
2013-08-13 14:48 - 2013-08-19 08:07 - 0000072 _____ () C:\Users\Robert\AppData\Roaming\WB.CFG
2013-08-13 14:48 - 2013-08-29 00:00 - 0000005 _____ () C:\Users\Robert\AppData\Roaming\WBPU-TTL.DAT
2013-05-13 15:20 - 2014-08-03 16:13 - 0047104 _____ () C:\Users\Robert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-02 22:50 - 2014-01-02 22:51 - 0007605 _____ () C:\Users\Robert\AppData\Local\resmon.resmoncfg
Some content of TEMP:
====================
C:\Users\Robert\AppData\Local\Temp\ose00000.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-24 09:12
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-04-2015 02
Ran by Robert at 2015-04-24 10:23:32
Running from C:\Users\Robert\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3276278619-1820661984-955229075-500 - Administrator - Disabled)
Guest (S-1-5-21-3276278619-1820661984-955229075-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3276278619-1820661984-955229075-1004 - Limited - Enabled)
Robert (S-1-5-21-3276278619-1820661984-955229075-1000 - Administrator - Enabled) => C:\Users\Robert
test (S-1-5-21-3276278619-1820661984-955229075-1005 - Administrator - Enabled)
UpdatusUser (S-1-5-21-3276278619-1820661984-955229075-1002 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Ad-Aware Antivirus (HKLM\...\{8EEFB640-A25D-448E-9F84-3CADF173CAE4}_AdAwareUpdater) (Version: 11.4.6792.0 - Lavasoft)
AdAwareInstaller (Version: 11.6.306.7947 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.4.6792.0 - Lavasoft) Hidden
Adobe Acrobat 4.0 (HKLM\...\Adobe Acrobat 4.0) (Version: 4.0 - Adobe Systems, Inc.)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.4 (HKLM\...\{7182A38E-73C7-460A-AD87-DCD52DE7556C}) (Version: 5.4.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
AntimalwareEngine (Version: 3.0.98.0 - Lavasoft) Hidden
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
BCL easyConverter SDK 3 (Word Version) (HKLM\...\{A932ABFB-1AC4-4FBF-9954-B710CABE3482}) (Version: 3.0.64 - BCL Technologies)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scan Utility (HKLM\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon MP Navigator EX 2.0 (HKLM\...\MP Navigator EX 2.0) (Version: - )
Canon MP620 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series) (Version: - )
Canon MP620 series User Registration (HKLM\...\Canon MP620 series User Registration) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version: - )
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DesktopWeatherAlerts (HKU\.DEFAULT\...\DesktopWeatherAlerts) (Version: 1.0.13.0 - Local Weather LLC) <==== ATTENTION
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.84 - DivX, LLC)
DriverUpdate (HKLM\...\{65C92136-6AF0-4E70-88D2-D19E739CE285}) (Version: 2.2.35415 - SlimWare Utilities, Inc.)
EMET (HKLM\...\{DE7A5DDF-47B3-42FF-A082-E158DEA37392}) (Version: 3.0.0 - Microsoft)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
GreatArcadeHits (HKU\.DEFAULT\...\{856AD396-519D-4C7A-BED6-6785F64924BC}) (Version: 1.0 - GreatArcadeHits) <==== ATTENTION
Inkjet Printer/Scanner Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: - )
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0013-0000-0000-0000000FF1CE}_BASICR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Basic 2007 (HKLM\...\BASICR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office XP Media Content (HKLM\...\{90300409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2619.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton Internet Security (HKLM\...\NIS) (Version: 21.7.0.11 - Symantec Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA Graphics Driver 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 309.08 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RubySlots (HKLM\...\{137b5d7d-6afe-4b69-be23-b2e949c20065}) (Version: 15.01.0-RTG - RealTimeGaming Software)
Sansa Media Converter (HKLM\...\{FC053571-8507-44E4-8B6D-AACEAB8CA57C}) (Version: 1.0-B4.263 - )
Sansa Updater (HKU\S-1-5-21-3276278619-1820661984-955229075-1000\...\Sansa Updater) (Version: 1.406 - SanDisk Corporation)
Shopping Helper Smartbar (HKLM\...\{E3CE881D-94D9-435A-9DEA-EBB5390BC2CC}) (Version: 10.196.63.14120 - ReSoft Ltd.) <==== ATTENTION
Shopping Helper Smartbar Engine (HKU\.DEFAULT\...\{c55f0b66-06b7-4a17-9d20-6e4b6ac38697}) (Version: 10.196.63.14120 - ReSoft Ltd.) <==== ATTENTION
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TidyNetwork (HKU\.DEFAULT\...\TidyNetwork) (Version: - TidyNetwork)
Unity Web Player (All users) (HKLM\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0013-0000-0000-0000000FF1CE}_BASICR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
WG111v2 Configuration Utility (HKLM\...\{E0F252A6-DE85-4E93-A93B-DFC3537B3965}) (Version: 1.00 - REALTEK Semiconductor Corp.)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
YAC(Yet Another Cleaner!) (HKLM\...\iSafe) (Version: - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATTENTION
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3276278619-1820661984-955229075-1000_Classes\CLSID\{32C9A4A8-63FE-4F4F-8821-FC56C31512AB}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3276278619-1820661984-955229075-1000_Classes\CLSID\{3A999A50-AB25-4A20-90A9-08F71FCE320F}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
CustomCLSID: HKU\S-1-5-21-3276278619-1820661984-955229075-1000_Classes\CLSID\{503E492B-C90C-4E23-842B-EB05CDA61DC9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3276278619-1820661984-955229075-1000_Classes\CLSID\{98087D89-B93F-4BCF-A998-AE4D9F607C14}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
CustomCLSID: HKU\S-1-5-21-3276278619-1820661984-955229075-1000_Classes\CLSID\{B286F068-5B17-4AE8-989B-8F9A199C47BA}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
CustomCLSID: HKU\S-1-5-21-3276278619-1820661984-955229075-1000_Classes\CLSID\{BBB18E3D-5523-4A93-A859-96EFCB603D7B}\InprocServer32 -> No File Path
==================== Restore Points =========================
23-04-2015 07:51:48 AA11
24-04-2015 03:00:35 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 19:04 - 2009-06-10 14:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0249E031-15FA-491C-A7FB-40FC1F2D0EB2} - System32\Tasks\{CC65FE1D-8394-499A-8A25-3409DC863F0D} => C:\FTW\FTW.exe [2002-06-28] (Genealogy.com, LLC)
Task: {035828B0-FE31-4F84-90D3-E1718936F5B3} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3276278619-1820661984-955229075-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {0807B990-9229-4713-ABA0-0AC4A95D4E05} - System32\Tasks\shield check => C:\Users\Robert\AppData\Local\Shield\checkhp.exe
Task: {08C81832-3F2E-48A7-96E5-4BEF183A11EC} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {0B11FB79-91FC-47AB-AD1D-11E49EDD1D24} - System32\Tasks\{74AEB447-AC79-4A01-A44A-5770AD39E1D2} => pcalua.exe -a C:\Users\Robert\Downloads\ie6setup.exe -d C:\Users\Robert\Downloads
Task: {111A1DD6-4FB3-40D3-AA58-414CDF0DD84F} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {11E7EA2E-F092-4E00-B3D3-8AC1CD11C940} - System32\Tasks\{9E591742-CEB9-49A4-BFE7-E6FD5053D7C8} => C:\Program Files\ArcSoft\PhotoImpression 4\PhotoImpression.exe [2003-01-07] (ArcSoft)
Task: {13CD0944-D71A-4D53-A25A-478987E10FCD} - System32\Tasks\{CD66B86C-23C4-492C-9703-3391F895FA76} => D:\Autorun.exe
Task: {19B6D529-8299-4D3A-8C97-309481477CFC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-30] (Google Inc.)
Task: {1ED64223-31B4-4EEC-A9D5-B17E289FAAA6} - System32\Tasks\{39455C15-F697-4E45-AB91-A473D5EAF1C1} => pcalua.exe -a C:\Users\Robert\AppData\Local\Temp\Temp1_RegCleaner_4.3.0.780.zip\RegCleaner_4.3.0.780.exe
Task: {314DDD78-67A8-4600-A124-EFD4C70E3C1A} - System32\Tasks\{5FF48574-FD93-4A6E-98E3-103DA58261C6} => C:\Users\Robert\Desktop\FTM 2014 (207)\setup.exe [2013-08-16] (Ancestry.com, Inc. )
Task: {3FC932FE-4060-4FC8-B0DB-484A560264CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-30] (Google Inc.)
Task: {4034596F-3E4B-4EFD-8BDA-7DFDB43C2201} - System32\Tasks\{C1322293-F60D-412E-B2E6-F030C3E92194} => D:\Autorun.exe
Task: {51754FA5-885C-41A2-BB3E-A99FF0598DD2} - \AmiUpdXp No Task File <==== ATTENTION
Task: {52A8BFC4-84E1-47AA-AC94-7F4D556AB78E} - System32\Tasks\{D365B3C0-ABFA-4CA3-8D82-6289039EDD65} => C:\FTW\FTW.exe [2002-06-28] (Genealogy.com, LLC)
Task: {52BDF306-F296-4266-8323-CEE611141621} - System32\Tasks\RegCure Pro => C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe
Task: {52FFD072-7488-4FE2-B11B-1B9EDB9FF0E5} - System32\Tasks\{5BB56084-C904-458A-B3DE-0CA2BD8459D0} => D:\Utility\setup.exe
Task: {53416ADD-300E-4EE4-AC12-23D1CD2E618D} - System32\Tasks\{AD017E02-12E7-437D-BD64-9EB160BA1581} => C:\Program Files\ArcSoft\PhotoImpression 4\PhotoImpression.exe [2003-01-07] (ArcSoft)
Task: {5E05BAA8-FABC-44FA-BB39-59B4733E3BDA} - System32\Tasks\{BD884487-FEB3-4FE1-A4E8-DA605D03A6EF} => C:\FTW\FTW.exe [2002-06-28] (Genealogy.com, LLC)
Task: {65957544-6A51-4CD1-BF04-B3738E2F6E9C} - System32\Tasks\{3A6B0038-3AC5-43C9-8DD8-6E2C8ED0B9FE} => C:\Program Files\ArcSoft\PhotoImpression 4\PhotoImpression.exe [2003-01-07] (ArcSoft)
Task: {6621AE68-6DFB-4006-B73B-9EB572BAF5D3} - System32\Tasks\{75EC8B55-0AD6-4CD8-B97A-6B492BFFA232} => D:\Autorun.exe
Task: {6DC51CA0-F726-496E-9B76-DB8F2AA5C287} - System32\Tasks\{4FC2D73E-E121-4E63-83F3-85AEBA51587B} => C:\Users\Robert\Downloads\youtube-download-manager_1.0.exe
Task: {75AC93CA-140D-4C5B-AFB1-97A35633BFC4} - System32\Tasks\{683A4A09-EEEC-43BA-8504-E2CFB6A7B324} => C:\FTW\FTW.exe [2002-06-28] (Genealogy.com, LLC)
Task: {79A6E70A-DB07-4F59-80B8-84967F54CACD} - System32\Tasks\{00204F0B-2AB8-4D12-9C18-E7CB62B431C6} => C:\Users\Robert\Downloads\youtube-download-manager_1.0.exe
Task: {7ABD50B6-603E-44F5-B05B-E60F5F4DBD5C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7D08919F-34B2-4D02-B049-5FF395083099} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3276278619-1820661984-955229075-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {87A0CFA9-CE91-4E3C-9DB5-AC71A74ED54B} - System32\Tasks\{24ADFD2F-D18A-497B-A7E0-D4654ACF9BC1} => D:\Utility\setup.exe
Task: {8B116C34-0C17-4EF7-B983-EEBFF51C6793} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {942B1AE3-CF03-4280-BE7B-84B0CDAAB424} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\21.7.0.11\WSCStub.exe [2015-03-06] (Symantec Corporation)
Task: {9689EF70-9ACE-4191-B4FE-9544C106A6C7} - System32\Tasks\{A8232845-9F5C-4425-9DC2-78E85A8D34C3} => pcalua.exe -a C:\Users\Robert\Downloads\mp620svst64102ea24.exe -d C:\Users\Robert\Downloads
Task: {A490CD13-6372-42FE-BF4E-443905F508E9} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: {A92488FA-E132-418F-B85D-3618C09D7285} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {AF689C85-66C0-4F20-AD43-48F2B1E74C7E} - System32\Tasks\{BDB611A0-D2FF-4A8D-B14F-4AE3F3A204F3} => Iexplore.exe http://ui.skype.com/...?LastError=1603
Task: {B4BD1352-3438-4BBF-8BAF-5AD5FA1B2D71} - System32\Tasks\{A33D31FE-44A6-4DBD-8CDC-92625E358A28} => Iexplore.exe http://ui.skype.com/...e=tsProgressBar
Task: {B5FC3C39-713D-4619-95C7-EAD70594A8F8} - System32\Tasks\{BDA31843-2776-4496-959F-2DC1731900C2} => D:\Utility\setup.exe
Task: {B8801D40-4E25-4ADB-A546-3451E36767FD} - System32\Tasks\{854B46D3-1661-45BA-AC30-4FD19CE00AA6} => C:\Program Files\RegCleaner\RegCleanr.exe [2013-08-26] ()
Task: {BABC7B96-FC49-489D-8FD8-C47932194281} - System32\Tasks\{87CF92ED-BB14-43F0-998C-75848261D14A} => C:\FTW\FTW.exe [2002-06-28] (Genealogy.com, LLC)
Task: {BEC04487-B927-4BC6-93FD-687D6158C07F} - System32\Tasks\GoogleUpdateTaskMachineCore1d041588543f030 => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-30] (Google Inc.)
Task: {C2E8314A-3248-45A9-B2CD-F00C41389EB0} - \DSite No Task File <==== ATTENTION
Task: {C781EF99-F779-47A7-8592-A599EA752442} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {C96AC748-894E-4020-860C-C52AFCBD6064} - System32\Tasks\{8E3F005C-D71E-4158-83D6-50BA9BB435A0} => C:\Users\Robert\Downloads\youtube-download-manager_1.0.exe
Task: {D1FCCD85-FFD7-4447-8E65-D1F412D77E38} - System32\Tasks\RegCure Pro Startup => C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe
Task: {D3F293FA-8B9F-47BB-88E6-7EFEBAF8A892} - System32\Tasks\GoogleUpdateTaskMachineUA1d04158885efb70 => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-30] (Google Inc.)
Task: {DEA73AC4-906B-4EE4-BFCD-F9AF6940F1E5} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {E1FCBCA2-BB7A-47CE-A2E9-599139ACF1DD} - System32\Tasks\{77ED3619-F236-4B3A-9562-881EFB251373} => pcalua.exe -a "C:\Users\Robert\Desktop\2014 TREE\Family Tree Maker 2014\artpschd.exe" -d "C:\Users\Robert\Desktop\2014 TREE\Family Tree Maker 2014"
Task: {EB5250A5-2BB4-4E3E-9892-D3B6431F7B84} - System32\Tasks\{458560A8-A7E2-410D-B3D0-01EE6345771B} => C:\Users\Robert\Downloads\youtube-download-manager_1.0.exe
Task: {EDC1A675-9109-404C-B11A-4AADECED12C5} - System32\Tasks\{DC843385-F374-4688-8E74-5D724E931190} => C:\Users\Robert\Desktop\FTM 2014 (207)\setup.exe [2013-08-16] (Ancestry.com, Inc. )
Task: {EDC26971-8131-4BDF-8EB3-0A3AA35A7AA9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {F03B5FBD-DD49-4E21-8DF1-FAAFE4837152} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {F43991D4-5D1C-4FB8-A17F-EB68BCE4DBF1} - System32\Tasks\{020FF1F9-063D-4E3B-9BC5-E74511E9D7EA} => D:\Autorun.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d041588543f030.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d04158885efb70.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\RegCure Pro Startup.job => C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe8C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe
Task: C:\Windows\Tasks\RegCure Pro.job => C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe
Task: C:\Windows\Tasks\shield check.job => C:\Users\Robert\AppData\Local\Shield\checkhp.exe
==================== Loaded Modules (whitelisted) ==============
2014-12-10 04:31 - 2015-03-13 02:36 - 00065696 _____ () C:\Program Files\Elex-tech\YAC\zlib1.dll
2014-12-10 04:31 - 2013-12-01 19:52 - 00176976 _____ () C:\Program Files\Elex-tech\YAC\tws\unrar.dll
2014-12-10 04:31 - 2013-12-11 06:12 - 00087744 _____ () C:\Program Files\Elex-tech\YAC\tws\unacev2.dll
2014-12-10 04:31 - 2015-03-13 02:36 - 00185672 _____ () C:\Program Files\Elex-tech\YAC\libpng.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-16 08:32 - 2008-01-22 10:35 - 00103808 _____ () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
2015-03-10 18:47 - 2015-03-10 18:47 - 00670808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
2015-03-10 18:49 - 2015-03-10 18:49 - 00090128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_thread-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00022032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_system-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00029712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_chrono-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00048152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_date_time-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00110104 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_filesystem-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 10575360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareServiceKernel.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 02423264 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\RCF.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00634896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_regex-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00592896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareActivation.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00415760 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareApplicationUpdater.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00640512 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareGamingMode.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00087536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareReset.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00104944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTime.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00770064 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareDefinitionsUpdater.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00692768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareDefinitionsUpdaterScheduler.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00866304 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareIgnoreList.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00217600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareQuarantine.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00806408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiMalwareEngine.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00182280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiRootkitEngine.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00873480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScannerHistory.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 01019896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScanner.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00030224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_timer-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00769544 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScannerScheduler.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00897040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareRealTimeProtection.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00194048 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareIncompatibles.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00711672 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiSpam.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00677376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiPhishing.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 02370056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareParentalControl.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 02667008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareWebProtection.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 01013768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareEmailProtection.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00046616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_iostreams-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00998408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareNetworkProtection.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00766960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwarePromo.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00304632 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareFeedback.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 02125840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareThreatWorkAlliance.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00973304 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwarePinCode.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00767480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareNotice.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00767480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAvcEngine.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00928280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareRealTimeProtectionHistory.dll
2013-04-26 03:01 - 2015-01-30 17:48 - 00078480 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 02563592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareShellExtension.dll
2013-08-13 15:44 - 2013-03-25 10:57 - 00153088 _____ () C:\Windows\System32\AiCM32.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 08216048 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
2015-03-10 18:49 - 2015-03-10 18:49 - 00405520 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_locale-vc100-mt-1_57.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 01632248 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\HtmlFramework.dll
2015-03-10 18:49 - 2015-03-10 18:49 - 00870408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTrayDefaultSkin.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:ECF54A0E
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LMIRescue_1075bab0-567b-4c1d-b3d0-af63858b3623 => ""="Service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3276278619-1820661984-955229075-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: LMIRescue_1075bab0-567b-4c1d-b3d0-af63858b3623 => 2
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
==================== Faulty Device Manager Devices =============
Name: ssnfd
Description: ssnfd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ssnfd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Canon MP620 ser Network
Description: Canon MP620 ser Network
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Canon
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/24/2015 09:25:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15584
Error: (04/24/2015 09:25:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15584
Error: (04/24/2015 09:25:25 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/24/2015 03:04:09 AM) (Source: MsiInstaller) (EventID: 1023) (User: NT AUTHORITY)
Description: Product: Microsoft Office Basic 2007 - Update 'Security Update for Microsoft Office Excel 2007 (KB2956103) 32-Bit Edition ' could not be installed. Error code 1603. Additional information is available in the log file C:\Windows\TEMP\MSI1ac84.LOG.
Error: (04/24/2015 03:03:51 AM) (Source: MsiInstaller) (EventID: 11402) (User: NT AUTHORITY)
Description: Product: Microsoft Office Basic 2007 -- Error 1402.Setup cannot open the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL. Verify that you have sufficient permissions to access the registry or contact Microsoft Product Support Services (PSS) for assistance. For information about how to contact PSS, seePSS10R.CHM.
Error: (04/24/2015 03:02:50 AM) (Source: MsiInstaller) (EventID: 1023) (User: NT AUTHORITY)
Description: Product: Microsoft Office Basic 2007 - Update 'Security Update for Microsoft Office Word 2007 (KB2965284) 32-Bit Edition ' could not be installed. Error code 1603. Additional information is available in the log file C:\Windows\TEMP\MSI537c.LOG.
Error: (04/24/2015 03:02:31 AM) (Source: MsiInstaller) (EventID: 11402) (User: NT AUTHORITY)
Description: Product: Microsoft Office Basic 2007 -- Error 1402.Setup cannot open the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL. Verify that you have sufficient permissions to access the registry or contact Microsoft Product Support Services (PSS) for assistance. For information about how to contact PSS, seePSS10R.CHM.
Error: (04/23/2015 09:10:12 PM) (Source: MsiInstaller) (EventID: 11402) (User: Robert-PC)
Description: Product: Family Tree Maker 2014 -- Error 1402. Could not open key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION. System error 5. Verify that you have sufficient access to that key, or contact your support personnel.
Error: (04/23/2015 09:08:15 PM) (Source: MsiInstaller) (EventID: 11311) (User: Robert-PC)
Description: Product: Microsoft Primary Interoperability Assemblies 2005 -- Error 1311.Source file not found(cabinet): C:\Users\Robert\AppData\Local\Temp\mia1\VS_20051.cab. Verify that the file exists and that you can access it.
Error: (04/23/2015 09:04:57 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: Robert-PC)
Description: Windows cannot log you on because your profile cannot be loaded. Check that you are connected to the network, and that your network is functioning correctly.
DETAIL - Only part of a ReadProcessMemory or WriteProcessMemory request was completed.
System errors:
=============
Error: (04/24/2015 03:04:14 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office Excel 2007 (KB2956103).
Error: (04/24/2015 03:02:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office Word 2007 (KB2965284).
Error: (04/23/2015 07:41:52 PM) (Source: WAS) (EventID: 5002) (User: )
Description: Application pool 'DefaultAppPool' is being automatically disabled due to a series of failures in the process(es) serving that application pool.
Error: (04/23/2015 00:34:42 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
Error: (04/23/2015 00:29:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE
ssnfd
Error: (04/23/2015 11:58:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (04/23/2015 06:16:59 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (04/23/2015 03:03:33 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office Excel 2007 (KB2956103).
Error: (04/23/2015 03:01:44 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office Word 2007 (KB2965284).
Error: (04/23/2015 00:39:07 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
%%5
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: AMD Athlon II X2 250u Processor
Percentage of memory in use: 45%
Total physical RAM: 2815.37 MB
Available physical RAM: 1521.88 MB
Total Pagefile: 5629.03 MB
Available Pagefile: 3390.82 MB
Total Virtual: 2047.88 MB
Available Virtual: 1891.03 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:97.65 GB) (Free:8.33 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: A96677F4)
Partition 1: (Active) - (Size=97.7 GB) - (Type=07 NTFS)
==================== End Of Log ============================