Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Holy Smokes! We got a bad one! Computer freezing, pop ups like

Freezing Farbar wont download Pop ups Memory usage thru the roof hard to use.

  • This topic is locked This topic is locked

#91
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

well it says file folder..archive root directory etc.. Nothing about opening with.


When you right click on the downloaded zip file on your desktop and select properties, that's all the options it gives you?

It should give you this menu:

menu_zps7ppoiudc.jpg
  • 0

Advertisements


#92
uFinditEazy!

uFinditEazy!

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

It does nothing when right clicked.


  • 0

#93
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Good morning :)

One of those extra sets of eyes has spotted something in your log that may solve the problems we're having with the error message. Hold off on the Windows All In One for the moment. We're going to try and run a fix with FRST that should elminate the error message problem, then we can proceed.

If the error message occurs while trying to run FRST, try it several times until it works.
  • Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
  • Right-click in the open notepad and select Paste).
  • Save it on the desktop as fixlist.txt

    NOTE: It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

Start
Replace: C:\Windows\winsxs\amd64_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16496_none_bbfb3a995f5c3538\iertutil.dll C:\windows\system32\iertutil.dll
Replace: C:\Windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_9.4.8112.16496_none_5fdc9f15a6fec402\iertutil.dll C:\Windows\SysWOW64\iertutil.dll
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.

Things I need to see in your next post

Fixlog.txt Log

  • 0

#94
uFinditEazy!

uFinditEazy!

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

I am getting this app error again. (oxc000007b) I tried several times and re downloaded a fresh copy too.


  • 0

#95
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

I am getting this app error again. (oxc000007b) I tried several times and re downloaded a fresh copy too.


Hello :)

Ok, let's boot the computer into Safe Mode with Networking and run the fix from there.

Shut the computer down, and once it's off, hit the power button.

Start repeatedly pressing the F8 button when the power comes on.

You will get the menu below. If you do not, power down the machine and try again.

2015-05-17%2014.18.58_zps23dxefzg.jpg

Please choose Safe Mode with Networking. Once chosen, the computer will only load the items necessary and then take you to the desktop.

Your desktop may look a bit different, but that's fine.

Please make sure the fixlist.txt file is on the desktop with FRST64.exe and start FRST.

Press the Fix button and wait. Once the fix has run, reboot the machine normally and post the fixlog.


Things I need to see in your next post

fixlog.txt log

  • 0

#96
uFinditEazy!

uFinditEazy!

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

Im in safe mode now and get the same error message 000007b code.


  • 0

#97
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Alright, let's run sfc /scannow again to repair the files. :thumbsup:


Step 1: System File Checker

Click on the Start button and in the search box, type Command Prompt
When you see Command Prompt on the list, right-click on it and select Run as administrator
When command prompt opens, copy and paste the following commands into it, press enter after each

sfc /scannow

Wait for this to finish before you continue

When it has finished, type this in at the command prompt: copy %windir%\logs\cbs\cbs.log %userprofile%\Desktop\cbs.txt

This will create a file, cbs.txt on your Desktop.


Step 2: Upload CBS.txt to Sendspace


Please click here to go to Sendspace.

Once there, click the Browse button and select the CBS.txt file on your desktop, and select Open then click Upload.

Once the file has uploaded, it will show a screen with 2 links. Click the Copy Link button in the Download Link box and it will automatically be copied.

Respond to this thread and right click anywhere in the message body, select paste, and the link to the CBS.txt file will be pasted for me to get the log. :thumbsup:
  • 0

#98
uFinditEazy!

uFinditEazy!

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

https://www.sendspace.com/file/iwgscp


  • 0

#99
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Hello :)

The log shows the file we were wanting to fix has been repaired. That should eliminate the error you've been getting while trying to run FRST. So, let's get a fresh scan with FRST and pick up where we left off. :)
  • Start Farbar's Recovery Scan Tool and place a check in the Addition.txt box.
  • Press the Scan button.
  • FRST will scan your system and produce two logs, FRST.txt and Addition.txt. Please post them in your next reply.

    Things I need to see in your next post:

    Please post each of these logs as a separate reply in this thread.

    FRST.txt

    Addition.txt

  • 0

#100
uFinditEazy!

uFinditEazy!

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02
Ran by Owner (administrator) on OWNER-PC on 17-05-2015 18:48:29
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available profiles: Owner)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Two Pilots) C:\Windows\VPDAgent_x64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Verizon) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
(The Neat Company) C:\Program Files (x86)\Neat\exec\NeatStartupService.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [17418928 2012-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2676584 2011-09-09] (Hewlett-Packard Co.)
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-06-17] (Google Inc.)
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\...\Run: [Google Update] => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-05-14] (Google Inc.)
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3306144526-1543565107-3197362354-1000 -> {9B97950D-482C-1D79-568F-FC7B9D40C785} URL = http://www.bing.com/...eferrer:source}
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-05-14] (Google Inc.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-07-12] (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-07-10] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-05-14] (Google Inc.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-07-12] (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-07-10] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-05-14] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-05-14] (Google Inc.)
Toolbar: HKU\S-1-5-21-3306144526-1543565107-3197362354-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-05-14] (Google Inc.)
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-07-12] (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-07-12] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-11-03] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\jd3r6gen.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Keyword.URL: 
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll [2013-06-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll [2013-06-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-10-31] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-07-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-07-10] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3306144526-1543565107-3197362354-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-3306144526-1543565107-3197362354-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-3306144526-1543565107-3197362354-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-12-07] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-01-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-01-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-01-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-01-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-01-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2013-01-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2013-01-16] (Apple Inc.)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-05-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-05-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-05-11]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\[email protected]
 
Chrome: 
=======
CHR StartupUrls: Default -> "https://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\42.0.2311.152\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\42.0.2311.152\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Owner\AppData\Local\Google\Chrome\Application\42.0.2311.152\pdf.dll No File
CHR Plugin: (registryAccess) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaapnjeoabhkpdiinmomghdncekhiib\7.13.1.0_0\background/registryAccess.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bookmark Manager) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-14]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-14]
CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-14]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-08-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Agent; C:\Windows\VPDAgent_x64.exe [148480 2013-02-04] (Two Pilots) [File not signed]
R2 IHA_MessageCenter; C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [348152 2013-05-17] (Verizon) [File not signed]
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [214896 2011-12-06] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 Neat Startup Service; C:\Program Files (x86)\Neat\exec\NeatStartupService.exe [5632 2013-02-23] (The Neat Company) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2012-09-28] (LeapFrog)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-16] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S1 RxFilter; C:\Windows\SysWOW64\DRIVERS\RxFilter.sys [65520 2009-06-26] (Sonic Solutions)
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-17 18:48 - 2015-05-17 18:49 - 00018477 _____ () C:\Users\Owner\Desktop\FRST.txt
2015-05-17 08:50 - 2015-05-17 08:50 - 02107392 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2015-05-17 08:46 - 2015-05-17 08:46 - 00000352 _____ () C:\Users\Owner\Desktop\fixlist.txt
2015-05-16 19:11 - 2015-05-16 19:12 - 10697996 _____ () C:\Users\Owner\Downloads\tweaking.com_windows_repair_aio.zip
2015-05-16 13:55 - 2015-05-16 13:55 - 10697996 _____ () C:\Users\Owner\Desktop\tweaking.com_windows_repair_aio (1).zip
2015-05-16 13:52 - 2015-05-16 13:52 - 10697996 _____ () C:\Users\Owner\Desktop\tweaking.com_windows_repair_aio.zip
2015-05-16 13:23 - 2015-05-16 13:26 - 00186659 _____ () C:\Users\Owner\Desktop\kavremvr 2015-05-16 13-23-15 (pid 4580).log
2015-05-16 13:23 - 2015-05-16 13:24 - 00504005 _____ () C:\Users\Owner\Desktop\kavremvr 2015-05-16 13-23-16 (pid 2988).log
2015-05-16 13:22 - 2015-05-16 13:22 - 07363264 _____ (Kaspersky Lab ZAO) C:\Users\Owner\Desktop\kavremover.exe
2015-05-16 13:15 - 2015-05-16 13:15 - 01182190 _____ () C:\Users\Owner\Downloads\7z938.exe
2015-05-16 13:15 - 2015-05-16 13:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-05-16 13:01 - 2015-05-16 13:03 - 00896048 _____ () C:\Users\Owner\Desktop\Norton_Removal_Tool.exe
2015-05-16 12:26 - 2015-05-17 17:54 - 01668450 _____ () C:\Users\Owner\Desktop\cbs.txt
2015-05-16 08:39 - 2015-05-16 08:39 - 00852630 _____ () C:\Users\Owner\Desktop\SecurityCheck (1).exe
2015-05-16 08:38 - 2015-05-16 08:38 - 00852630 _____ () C:\Users\Owner\Desktop\SecurityCheck.exe
2015-05-15 18:12 - 2015-05-15 18:12 - 02347384 _____ (ESET) C:\Users\Owner\Downloads\esetsmartinstaller_enu.exe
2015-05-15 18:07 - 2015-05-16 08:39 - 00003168 _____ () C:\Users\Owner\Desktop\mbam.txt
2015-05-15 17:20 - 2015-05-15 17:20 - 02347384 _____ (ESET) C:\Users\Owner\Desktop\esetsmartinstaller_enu.exe
2015-05-15 17:15 - 2015-05-16 12:19 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-15 17:14 - 2015-05-15 17:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-15 17:14 - 2015-05-15 17:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-15 17:14 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-15 17:14 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-15 17:13 - 2015-05-15 17:14 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Owner\Desktop\mbam-setup-2.1.6.1022.exe
2015-05-15 07:55 - 2015-05-15 07:56 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Owner\Desktop\tdsskiller.exe
2015-05-14 21:21 - 2015-05-14 21:21 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-05-14 21:21 - 2015-05-14 21:21 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-05-14 21:21 - 2015-05-14 21:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-05-14 21:20 - 2015-05-14 21:20 - 14243008 _____ (Microsoft Corporation) C:\Users\Owner\Desktop\mseinstall.exe
2015-05-14 19:22 - 2015-05-14 19:23 - 02721175 _____ (Thisisu) C:\Users\Owner\Desktop\JRT (1).exe
2015-05-14 18:36 - 2015-05-14 18:36 - 00007511 _____ () C:\Users\Owner\Desktop\JRT.txt
2015-05-14 18:31 - 2015-05-14 18:31 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-OWNER-PC-Windows-7-Home-Premium-(64-bit).dat
2015-05-14 18:30 - 2015-05-14 18:30 - 02721175 _____ (Thisisu) C:\Users\Owner\Desktop\JRT.exe
2015-05-14 18:30 - 2015-05-14 18:30 - 00000000 ____D () C:\RegBackup
2015-05-14 18:24 - 2015-05-14 18:27 - 02721175 _____ (Thisisu) C:\Users\Owner\Downloads\JRT.exe
2015-05-14 14:13 - 2015-05-14 21:21 - 00001945 _____ () C:\Windows\epplauncher.mif
2015-05-14 14:12 - 2015-05-14 14:12 - 14243008 _____ (Microsoft Corporation) C:\Users\Owner\Downloads\mseinstall.exe
2015-05-14 09:46 - 2015-05-14 19:27 - 00000000 ____D () C:\AdwCleaner
2015-05-13 16:20 - 2015-05-13 16:23 - 00021998 _____ () C:\Users\Owner\Desktop\Search.txt
2015-05-13 16:09 - 2015-05-14 09:42 - 00000000 ____D () C:\Users\Owner\Desktop\FRST-OlderVersion
2015-05-12 21:29 - 2015-05-12 21:05 - 02204160 _____ () C:\Users\Owner\Desktop\adwcleaner_4.203.exe
2015-05-12 13:05 - 2015-05-17 18:48 - 00000000 ____D () C:\FRST
2015-05-11 19:11 - 2015-05-11 19:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-17 18:48 - 2012-04-05 22:38 - 00000000 ____D () C:\Temp
2015-05-17 18:48 - 2011-09-08 02:54 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2015-05-17 18:47 - 2013-03-08 15:04 - 00012182 _____ () C:\Windows\setupact.log
2015-05-17 18:47 - 2011-10-20 09:32 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-05-17 18:47 - 2011-06-17 22:10 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-17 18:47 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-17 14:28 - 2011-06-15 20:10 - 01940479 _____ () C:\Windows\WindowsUpdate.log
2015-05-17 13:39 - 2011-09-07 00:47 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3306144526-1543565107-3197362354-1000UA.job
2015-05-17 13:32 - 2011-06-17 22:10 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-17 08:45 - 2011-09-07 00:47 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3306144526-1543565107-3197362354-1000Core.job
2015-05-16 13:36 - 2009-07-13 21:45 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-16 13:36 - 2009-07-13 21:45 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-16 13:28 - 2013-03-08 15:07 - 00810638 _____ () C:\Windows\PFRO.log
2015-05-16 13:19 - 2011-09-07 01:27 - 00000000 ____D () C:\ProgramData\WinZip
2015-05-16 13:15 - 2013-03-08 07:59 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-05-16 13:05 - 2013-02-02 20:52 - 00000000 ____D () C:\ProgramData\Norton
2015-05-15 21:34 - 2011-09-07 00:47 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3306144526-1543565107-3197362354-1000UA
2015-05-15 21:34 - 2011-09-07 00:47 - 00003482 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3306144526-1543565107-3197362354-1000Core
2015-05-15 17:59 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\DigitalLocker
2015-05-15 17:14 - 2013-03-08 08:53 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-15 17:14 - 2013-03-08 08:53 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Malwarebytes
2015-05-15 17:14 - 2013-03-08 08:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-15 16:37 - 2011-06-17 22:10 - 00000000 ____D () C:\Users\Owner\AppData\Local\Google
2015-05-15 16:28 - 2012-08-26 14:11 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Skype
2015-05-14 18:39 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\tracing
2015-05-14 09:33 - 2011-09-07 00:47 - 00002368 _____ () C:\Users\Owner\Desktop\Google Chrome.lnk
2015-05-14 09:30 - 2013-03-08 14:47 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-14 09:27 - 2011-06-17 22:10 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-14 09:27 - 2011-06-17 22:10 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-12 21:09 - 2012-03-29 23:03 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-12 21:08 - 2011-06-15 20:13 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-12 21:07 - 2012-06-30 18:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-12 20:54 - 2013-07-05 08:04 - 00000000 ____D () C:\Users\Owner\AppData\Local\CrashDumps
2015-05-12 13:05 - 2009-07-13 22:13 - 00005168 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-11 18:34 - 2011-06-15 20:09 - 00000000 ____D () C:\Users\Owner
2015-05-11 18:32 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-11 18:31 - 2013-03-14 07:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-11 18:31 - 2012-08-26 14:11 - 00000000 ____D () C:\ProgramData\Skype
2015-05-11 18:31 - 2011-09-07 00:47 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-11 18:31 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\AppCompat
2015-05-11 18:29 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\registration
2015-05-11 18:25 - 2011-09-01 00:54 - 00000000 ____D () C:\Program Files (x86)\Verizon
2015-05-11 18:24 - 2012-08-26 14:11 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-05-11 18:24 - 2012-04-05 21:55 - 00000000 __RHD () C:\MSOCache
 
==================== Files in the root of some directories =======
 
2013-09-06 22:30 - 2013-09-06 22:30 - 0000042 _____ () C:\Users\Owner\AppData\Roaming\mbam.context.scan
2012-10-25 21:49 - 2012-11-21 12:20 - 0583306 _____ () C:\Users\Owner\AppData\Roaming\technic-launcher.jar
2012-10-25 21:49 - 2012-11-04 21:42 - 0579274 _____ () C:\Users\Owner\AppData\Roaming\technic-launcher.jar.bak
2011-08-21 20:30 - 2012-08-13 21:28 - 0005120 _____ () C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-05-20 10:36 - 2013-05-20 10:36 - 0007605 _____ () C:\Users\Owner\AppData\Local\Resmon.ResmonCfg
2013-01-19 20:42 - 2013-01-19 20:42 - 0000057 _____ () C:\ProgramData\Ament.ini
 
Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\Quarantine.exe
C:\Users\Owner\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-14 00:12
 
==================== End Of Log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-05-2015 02
Ran by Owner at 2015-05-17 18:49:53
Running from C:\Users\Owner\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3306144526-1543565107-3197362354-500 - Administrator - Disabled)
Guest (S-1-5-21-3306144526-1543565107-3197362354-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3306144526-1543565107-3197362354-1003 - Limited - Enabled)
Owner (S-1-5-21-3306144526-1543565107-3197362354-1000 - Administrator - Enabled) => C:\Users\Owner
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7 Wonders II (HKLM-x32\...\exent_586350) (Version:  - )
7-Zip 9.20 (HKLM-x32\...\7-Zip 9.20) (Version:  - )
7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip File Manager version 9.20 (HKLM-x32\...\{863448D4-F184-4B21-A46B-323C97A2D038}_is1) (Version: 9.20 - Download Freely, LLC)
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (HKLM-x32\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.28 - Piriform)
Chainz 2 Relinked (HKLM-x32\...\exent_663050) (Version:  - )
Dell Resource CD (HKLM-x32\...\{42929F0F-CE14-47AF-9FC7-FF297A603021}) (Version: 1.00.0000 - Dell Inc.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.33 - Creative Technology Ltd)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DirectXInstallService (x32 Version: 9.0.2 - Roxio) Hidden
EMC 10 Content (x32 Version: 1.0.035 - Roxo, Inc.) Hidden
EMCGadgets64 (Version: 1.0.302 - Sonic) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Exeba E-Swipe (HKLM-x32\...\{9844B51E-0CA6-40E9-BF73-B01E256F4197}) (Version:  - )
Exeba-COMM (HKLM-x32\...\{69FCCDC8-ECE0-480D-A5AD-E068EC29F1AD}) (Version:  - )
Google Chrome (HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.153 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{2D5E3D2B-919F-407C-8757-E64827518BB6}) (Version: 25.0.619.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{B6F5C6D8-C443-4B55-932F-AE11B5743FC4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{F792E5B0-11C4-4C68-8A63-FB5F52749180}) (Version: 25.0.619.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}) (Version: 5.003.000.004 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IHA_MessageCenter (HKLM-x32\...\{BE2DDF55-4C42-44CC-A56E-C8E4A65CB2FF}) (Version: 1.6.0 - Verizon)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1029 - Intel Corporation)
iTunes (HKLM\...\{0E5D76AD-A3FB-48D5-8400-8903B10317D3}) (Version: 11.0.1.12 - Apple Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 4.2.9.15649 - LeapFrog)
LeapFrog Connect (x32 Version: 4.2.9.15649 - LeapFrog) Hidden
LeapFrog MyOwnLeaptop Plugin (x32 Version: 4.2.9.15649 - LeapFrog) Hidden
LeapFrog Tag Plugin (x32 Version: 4.2.9.15649 - LeapFrog) Hidden
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version:  - )
Lottso Deluxe (HKLM-x32\...\exent_696450) (Version:  - )
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MiniTools (HKLM-x32\...\MiniToolsv2.61) (Version: v2.61 - )
MotoHelper 2.1.32 Driver 5.4.0 (HKLM-x32\...\MotoHelper) (Version: 2.1.32 - Motorola)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
Motorola Mobile Drivers Installation 5.4.0 (Version: 5.4.0 - Motorola Inc.) Hidden
Mozilla Firefox 23.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 23.0.1 (x86 en-US)) (Version: 23.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 23.0.1 - Mozilla)
MSR 5.12.04 (HKLM-x32\...\MSR Modular Signal Recorder_is1) (Version:  - )
MSR609HID (HKLM-x32\...\MSR609HIDv1.10) (Version: v1.10 - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Neat (HKLM-x32\...\Neat) (Version: 5.1.31.16 - The Neat Company)
Neat ADF Scanner 2008 Driver (HKLM\...\{8A2BC7D4-A7D3-45D5-B3D2-394718C53C41}) (Version: 2.0.1.2 - The Neat Company)
Neat ADF Scanner Driver (HKLM\...\{A55F1206-BFA7-4027-92B8-CE4EFDBC3CF2}) (Version: 2.0.2.1 - The Neat Company)
Neat Core Files (x32 Version: 5.1.31.16 - The Neat Company) Hidden
Neat Mobile Scanner (Silver) Driver (HKLM\...\{D1108D4B-72F8-419F-88C5-ABB8DC09B3C7}) (Version: 2.0.1.1 - The Neat Company)
Neat Mobile Scanner 2008 Driver (HKLM\...\{DDE25FC9-892D-4D24-9325-3BAA5C15ACA9}) (Version: 2.0.1.1 - The Neat Company)
Neat Mobile Scanner Driver (HKLM\...\{7EA2D88A-C8B7-4102-8644-0A437B6FC143}) (Version: 2.0.1.2 - The Neat Company)
Open Downloader Manager (HKLM-x32\...\OpenDownloaderManager) (Version:  - )
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version:  - )
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Roxio Easy CD and DVD Burning (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)
Roxio File Backup (Version: 1.3.0 - Roxio) Hidden
SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version:  - )
Send To Neat (HKLM\...\{237E305C-B625-466A-88CE-1E121BF4FDB1}) (Version: 1.1.0.0 - The Neat Company)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.10.13089 - Skype Technologies S.A.)
Skype™ 5.10 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.10.116 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TelevisionFanatic Toolbar (HKLM-x32\...\TelevisionFanaticbar Uninstall) (Version:  - Mindspark Interactive Network) <==== ATTENTION
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Uninstall Helper (HKLM-x32\...\Uninstall Helper 2.0.1.0) (Version: 2.0.1.0 - W3i, LLC)
Uninstall Helper (x32 Version: 2.0.1.0 - W3i, LLC) Hidden
Unity Web Player (HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Use the entry named LeapFrog Connect to uninstall (LeapFrog MyOwnLeaptop Plugin) (HKLM-x32\...\LeaptopPlugin) (Version:  - LeapFrog)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin) (HKLM-x32\...\TagPlugin) (Version: 4.2.9.15649 - LeapFrog)
Vz In Home Agent (HKLM-x32\...\{40D36ECF-FA05-4077-B836-C439CD0DDEF1}) (Version: 8.03.71 - Verizon)
Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\3134FEF0E1D959EC0CC2E458C94B7057B2AC0CC9) (Version: 10/22/2009 2.06.00 - FTDI)
Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\88EB56038379B8B7DCFB4D2448A60F52E064B265) (Version: 10/22/2009 2.06.00 - FTDI)
Windows Driver Package - LeapFrog (FlyUsb) USB  (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3306144526-1543565107-3197362354-1000_Classes\CLSID\{0C3BA0B1-BC14-4B55-98DC-F1E913C1DA10}\InprocServer32 -> C:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\ActiveX64.ocx (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3306144526-1543565107-3197362354-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3306144526-1543565107-3197362354-1000_Classes\CLSID\{6FFA7438-3E00-4176-9717-B3BBE2E704AB}\InprocServer32 -> C:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\ActiveX64.ocx (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3306144526-1543565107-3197362354-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3306144526-1543565107-3197362354-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
 
==================== Restore Points  =========================
 
06-09-2013 23:52:44 Windows Update
07-09-2013 15:02:26 Windows Modules Installer
07-09-2013 15:15:48 Windows Update
11-05-2015 18:14:56 Restore Operation
12-05-2015 21:03:27 Restore Point Created by FRST
16-05-2015 13:18:27 Removed WinZip 15.0
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2015-05-12 21:04 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0BEBB509-9B7D-431F-A7BC-9D35815492AD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3306144526-1543565107-3197362354-1000Core => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2015-05-14] (Google Inc.)
Task: {0C057DA2-17DB-4BB2-AC6A-CC093EDC625B} - System32\Tasks\{308E30B1-FEFD-447B-ADA7-0C1898344C1F} => pcalua.exe -a C:\Users\Owner\Downloads\HijackThis.exe -d C:\Users\Owner\Downloads
Task: {1B9B0D14-74C1-4190-AC33-271E84437971} - System32\Tasks\MotoHelper Routing => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {2B1B8B33-FECC-4F45-B7C2-F6D3804EAF0F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3682579F-AFF7-4DF0-BAD8-B9CC5E6A811B} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {4D06C704-6C81-412F-B4A3-C1B988EEDA89} - System32\Tasks\{5CA3271B-0433-4579-8024-9224B472AE75} => pcalua.exe -a C:\Windows\MSR609HID\uninstall.exe -d C:\Windows\MSR609HID
Task: {72378FCE-5788-4C6F-B1BA-D0D6E8F89D9E} - System32\Tasks\MotoHelper Initial Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {7D1E9C3D-1E71-40D4-9010-F6A40B305E13} - System32\Tasks\MotoHelper MUM => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: {94F11D60-3C63-4344-9CBA-CE10616EC673} - System32\Tasks\{3B5CCD45-9BC8-40ED-91FB-60625231AD5F} => pcalua.exe -a C:\Users\Owner\Downloads\RhapsodyVcast.EXE -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {A237F078-75A1-4868-95A3-FE46C1795387} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-02-25] (Piriform Ltd)
Task: {ADAA3CF0-34C0-4226-BC48-D1680A350BB6} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2011-09-09] (Hewlett-Packard Co.)
Task: {B1DE67E2-FC1B-49DC-B565-DC5E19D1DEA6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-14] (Google Inc.)
Task: {C316E194-9395-4E27-8AF9-B81A402EA6CC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3306144526-1543565107-3197362354-1000UA => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2015-05-14] (Google Inc.)
Task: {C44E1079-B147-4429-81CE-ECFFC61BD15D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-14] (Google Inc.)
Task: {DF42E2A3-118E-4A24-9AEA-25D78AC480E8} - System32\Tasks\MotoHelper Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3306144526-1543565107-3197362354-1000Core.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3306144526-1543565107-3197362354-1000UA.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2011-08-25 12:20 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2013-04-10 09:59 - 2013-02-04 10:00 - 00054784 _____ () C:\Windows\System32\sdtnpm.dll
2011-12-06 14:00 - 2011-12-06 14:00 - 00214896 _____ () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
2011-12-06 14:00 - 2011-12-06 14:00 - 00784240 _____ () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\Owner\Downloads\284532_2091072129574_6963947_n.jpg:Roxio EMC Stream
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3306144526-1543565107-3197362354-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
FirewallRules: [{44E4DF5F-19F3-4965-BEFB-B368249FC86B}] => (Allow) LPort=50000
FirewallRules: [{FBD679F0-2DC7-4C1F-BA67-4E88D13EA9B4}] => (Allow) C:\Program Files (x86)\ICQ7.6\ICQ.exe
FirewallRules: [{6D7F01CF-B1FC-4CB6-B300-3A580AF49B30}] => (Allow) C:\Program Files (x86)\ICQ7.6\ICQ.exe
FirewallRules: [{6402DF17-A4C6-46B3-AA44-856FDE48E461}] => (Allow) LPort=50000
FirewallRules: [{1B35B4AE-E69F-4E3B-A55E-A1CBFF9D347D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{81CD796A-6C56-491F-A377-38F6A2DB73DC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C1342AD3-984E-4B8D-AB0B-211532CC9F1B}] => (Allow) C:\Program Files (x86)\V CAST Music with Rhapsody\rhapsody.exe
FirewallRules: [{405BF702-2634-4711-A44A-EA2CA21583A3}] => (Allow) C:\Program Files (x86)\V CAST Music with Rhapsody\rhapsody.exe
FirewallRules: [{A576507A-1403-4540-AAFC-5AC36092B2B2}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{38CBEADC-CEBF-48EE-91AB-283FE6AC8B51}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [TCP Query User{BA6826B7-6558-4801-BD62-ED2764494314}C:\program files (x86)\vuze\azureus.exe] => (Block) C:\program files (x86)\vuze\azureus.exe
FirewallRules: [UDP Query User{1CFFBE4D-FD9B-4138-BA7C-EE1BC12A5F05}C:\program files (x86)\vuze\azureus.exe] => (Block) C:\program files (x86)\vuze\azureus.exe
FirewallRules: [{EBA0490D-7853-4160-B6E0-D1D2060C199C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{75857D67-66FC-4F50-8E44-7B5B7F34E474}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C560576C-DC23-45CC-AC32-95577FBDA864}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{56F03606-5C9D-4FA1-9979-5F523CE61928}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{546754B1-C7BF-4051-BE3D-95323543B46B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{E1D1AD23-BBA1-4637-9DDC-A58DBDD7A0A1}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{6103E9D4-EA9B-4B81-89E1-3D6EB2581B0E}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{4BE096A5-520B-4102-AF14-D4A27894E6F9}C:\program files (x86)\phoenix viewer\slvoice.exe] => (Allow) C:\program files (x86)\phoenix viewer\slvoice.exe
FirewallRules: [UDP Query User{1B46A353-0BF9-471C-A91E-954637FB6A7F}C:\program files (x86)\phoenix viewer\slvoice.exe] => (Allow) C:\program files (x86)\phoenix viewer\slvoice.exe
FirewallRules: [TCP Query User{7889F757-73DA-4145-A6E3-F5EB57118350}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Block) C:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [UDP Query User{A7A4F830-9AE2-4E2F-8600-E5C1547B5418}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Block) C:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [TCP Query User{A4EB8632-FCAA-48DA-8F50-CD8A14A9580B}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Block) C:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [UDP Query User{9715E611-33B2-4EBA-A139-33405933E7CA}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Block) C:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [{2DF0720C-AC80-413F-8922-8A147B189313}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C461B663-2196-47E1-8588-18BFCCB0981D}] => (Allow) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\LeapfrogConnect.exe
FirewallRules: [{AFA26F84-8B2E-4930-AB5A-CB793C7F57BA}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{D0A7F6FF-09A2-495F-A989-F99303F49DEF}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{B5D71669-BA8A-486A-A0A6-53A6EACC6EB7}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [TCP Query User{30D1C1B1-2D8D-4976-B857-76647FEFA3DD}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{C0E3F0B5-9E89-4211-A067-75943CF5FF42}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{0D7F1F5D-3D0A-4F06-9BCB-CC48D3D91B54}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{5D5A8D0C-CC0D-479E-862D-9BEAD2E42998}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{220874EF-F9E8-4CC3-84CB-4522BA437531}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{D57F99BA-0865-43C1-B074-AE0B20F072B2}C:\program files (x86)\java\jre7\bin\java.exe] => (Block) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{1E845471-9681-4465-AFC7-9C4809AFB386}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zSC160.tmp\SymNRT.exe
FirewallRules: [{3F241C7A-245B-41C2-892C-0B529109F23D}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zSB89A.tmp\SymNRT.exe
FirewallRules: [{5C68D3DD-0F91-4CA5-9C39-0FA6506BA2F8}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zSC160.tmp\SymNRT.exe
FirewallRules: [{4C163891-2F4E-4D0B-B8A4-5865035910A3}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zSB89A.tmp\SymNRT.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/17/2015 06:48:04 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (05/17/2015 02:30:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (05/17/2015 11:37:57 AM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: The protocol handler IEHistory cannot be loaded. Error description: (HRESULT : 0x800700c1).
 
Error: (05/17/2015 10:23:48 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (05/17/2015 09:37:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (05/17/2015 08:45:08 AM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: The protocol handler IEHistory cannot be loaded. Error description: (HRESULT : 0x800700c1).
 
Error: (05/17/2015 08:41:55 AM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: The protocol handler IEHistory cannot be loaded. Error description: (HRESULT : 0x800700c1).
 
Error: (05/17/2015 08:41:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 43908494
 
Error: (05/17/2015 08:41:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 43908494
 
Error: (05/17/2015 08:41:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (05/17/2015 06:48:13 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
RxFilter
 
Error: (05/17/2015 06:46:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (05/17/2015 06:46:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (05/17/2015 06:46:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (05/17/2015 06:42:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (05/17/2015 06:42:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (05/17/2015 06:42:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (05/17/2015 06:41:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (05/17/2015 06:41:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (05/17/2015 06:41:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
Error: (05/17/2015 06:48:04 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Desktop\esetsmartinstaller_enu.exe
 
Error: (05/17/2015 02:30:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Owner\Desktop\esetsmartinstaller_enu.exe
 
Error: (05/17/2015 11:37:57 AM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: IEHistory(HRESULT : 0x800700c1)
 
Error: (05/17/2015 10:23:48 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
Error: (05/17/2015 09:37:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
Error: (05/17/2015 08:45:08 AM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: IEHistory(HRESULT : 0x800700c1)
 
Error: (05/17/2015 08:41:55 AM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: IEHistory(HRESULT : 0x800700c1)
 
Error: (05/17/2015 08:41:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 43908494
 
Error: (05/17/2015 08:41:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 43908494
 
Error: (05/17/2015 08:41:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-03-08 11:24:14.447
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-03-08 11:24:14.260
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Pentium® Dual-Core CPU T4400 @ 2.20GHz
Percentage of memory in use: 58%
Total physical RAM: 2008.36 MB
Available physical RAM: 840.09 MB
Total Pagefile: 6556.36 MB
Available Pagefile: 5312.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:297.99 GB) (Free:246.79 GB) NTFS
Drive d: (TOM_AND_JERRY_WISKERS_AWAY) (CDROM) (Total:3.5 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 592C76AD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

  • 0

Advertisements


#101
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Excellent, let's remove a malware related program and update some out of date programs. :thumbsup:



Step 1: Program Uninstall

Please uninstall Television Fanatic Toolbar from your machine as it is a known malware program.


Step 2: Program Updates


A word about Java

Java has become the #1 program exploited by thieves and hackers as of today. It's gotten so bad, the Department of Homeland Security recently recommended that users disable Java on their machines.

For more information regarding this, see the two articles below:

Forbes: US Department of Homeland Security Calls on user do disable Java

US warns on Java software

Unless you have software on your machine that absolutely requires Java, I highly recommend you completely remove it from your system.

If you do have software that requires it, then disable it until such time as it's needed by those programs.

Please click the link below for instructions to disable Java.

How to Disable Java in your Web Browser


If you wish to continue to use Java on your machine, please be sure to keep it updated by following the instructions below.
  • Click on this link Java Website and click Do I Have Java?
  • Then click the Verify Java Version button. It will scan your current version and show you if you have the most current version.
You can find instructions for manually removing older versions for Windows XP, Vista, and 7 by clicking the link below:

Instructions for manually removing old versions of Java


Update Adobe flash Player
  • Your current version of Adobe Flash is out of date. Please update it by clicking the link below.
  • Also, make sure you Uncheck the box to install the McAfee Security Scan Plus software.
http://get.adobe.com/flashplayer/


Update Firefox

Your current version of FireFox is out of date. Please update it by clicking the Help tab and then select About FireFox. FireFox will then update itself.


Update Google Chrome

Your current version of Chrome is out of date. Please update it by following the link below and following the steps there.

https://support.goog...wer/95414?hl=en


Please let me know when these steps have been completed and we'll continue.
  • 0

#102
uFinditEazy!

uFinditEazy!

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

Everything went swell except for I manually tried to uninstall java updates and it seems to be stuck. The uninstaller tool said it was an unsupported plug-in.


  • 0

#103
uFinditEazy!

uFinditEazy!

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

So, I need java plugin to uninstall java with their tool? LOL


  • 0

#104
uFinditEazy!

uFinditEazy!

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

Java 7 update will not uninstall manually.. Any tips?


  • 0

#105
uFinditEazy!

uFinditEazy!

    Member

  • Topic Starter
  • Member
  • PipPip
  • 82 posts

ok, It started to uninstall but shortly after ask if I want to let it update.. Im lost


  • 0






Similar Topics


Also tagged with one or more of these keywords: Freezing, Farbar wont download, Pop ups, Memory usage thru the roof, hard to use.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP